{"report_id":"7ccc424a-b3b9-411c-b9be-c76769299fb1","version":6,"status":"done","tags":["wetransfer","phishing","financial"],"date":"2026-04-09T14:03:17Z","url":{"schema":"http","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"final":{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"title":"WeTransfer","dom":{"size":636471,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (62746)","md5":"53f41feeb43a519ae76f0ed7e853f9e0","sha1":"87666f294b70a8c3e52bc28bc78a245d9949ade5","sha256":"1f2dfb75d7d0179710ff320678684c6283cb4715cd67bcb0688f07b79b18c361","sha512":"2684f7e1fda0aa0e6b59d60267c79464dcc63f79147d8383f86a96c1e40354fb1492b3ea1abb1b6ef73f4116747fb8abad84f43aeb90d6b17ebf9206b4204e1a","ssdeep":"12288:PkTBMXjRSZEq1juWQO1iJD5WvDPWSoco9oav:PC9ZEqBuWQO1iJD5Wvy","tlshash":"cbd46b36a6692914db7bcab6b5c1fe943c24ed13c143c4d8f18563accac722547f2b1a","dom_hash":"domhashf603b4c788bca3076b6ec793c90037f1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-14T14:03:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"summary":[{"fqdn":"prod-cdn.wetransfer.net","ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2009-02-02","domain_rank":760029,"first_seen":"2018-10-23T08:53:42Z","last_seen":"2026-04-09T01:41:28.497391Z","alert_count":0,"request_count":5,"received_data":152462,"sent_data":2658,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"abba-unick.com","ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"domain_registered":"2025-11-21","domain_rank":0,"first_seen":"2026-04-09T12:19:26.258227Z","last_seen":"2026-04-09T12:19:26.258227Z","alert_count":115,"request_count":23,"received_data":3991621,"sent_data":11546,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Popper:1.12.9","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"jQuery:3.2.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"mk2-b4c8d3.ingress-earth.ewp.live","ip":{"addr":"63.250.43.129","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2022-05-26","domain_rank":0,"first_seen":"2022-08-12T11:46:38Z","last_seen":"2026-04-09T01:41:28.465027Z","alert_count":12,"request_count":4,"received_data":37398,"sent_data":2180,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"abba-unick.com/ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-09T16:26:34.360405Z","times_seen":269557,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"70d3fda195602fe8b75e0097eed74dde","sha1":"c3b977aa4b8dfb69d651e07015031d385ded964b","sha256":"a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66","sha512":"51affb5a8cfd2f93b473007f6987b19a0a1a0fb970ddd59ef45bd77a355d82abbbd60468837a09823496411e797f05b1f962ae93c725ed4c00d514ba40269d14","ssdeep":"384:+CbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb964:zb4xGmiJfaf7gxQvVU7eziv+cSjknZ3f","tlshash":"1c82a3cc3291b06643a79167a06f960fb2339979614e9410f199f2d87c70ef9913fc7a","size":19188,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T16:04:57.347447Z","times_seen":104345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-09T16:26:34.360405Z","times_seen":269557,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.1342Z","times_seen":120818,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/code.jquery.com/jquery-3.2.1.slim.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f48fc77cac90c4778fa24ec9c57f37d","sha1":"9e89d1515bc4c371b86f4cb1002fd8e377c1829f","sha256":"9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398","sha512":"cab8c4afa1d8e3a8b7856ee29ae92566d44ceead70c8d533f2c98a976d77d0e1d314719b5c6a473789d8c6b21ebb4b89a6b0ec2e1c9c618fb1437ebc77d3a269","ssdeep":"1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT","tlshash":"b663d5d9b2c67062db7730b950bf410bf07a98dab44c8c60e198d8d47d78a99817bf2d","size":69597,"data":"","first_seen":"2023-03-07T01:02:43Z","last_seen":"2026-04-09T15:56:34.133165Z","times_seen":76742,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"5e482b304c542822e2abfe756d0afc2e","sha1":"472f517561c6a24eb42a10949f26f2958ed66b0f","sha256":"190c0f852e7d36453f82e6b3724dc4fdfa6645470dcb81c3123cb45abf1d8feb","sha512":"998e83d33c6b180ad4af5df16ac3e15986211acd37d46eb2a972b811f4f100181d5ab3cc0e0039a0d45def9d13337bdbac7c3129b74cc98e1dab4feb888a8606","ssdeep":"","tlshash":"25c080b77beb093105efb57f14204b4c3434c40c2d0163092d3c8474c435de7643aa89","size":180,"data":"","first_seen":"2023-03-10T03:57:28Z","last_seen":"2026-04-09T14:03:30.858069Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","size":48944,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.133687Z","times_seen":103573,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/code.jquery.com/jquery-3.2.1.slim.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f48fc77cac90c4778fa24ec9c57f37d","sha1":"9e89d1515bc4c371b86f4cb1002fd8e377c1829f","sha256":"9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398","sha512":"cab8c4afa1d8e3a8b7856ee29ae92566d44ceead70c8d533f2c98a976d77d0e1d314719b5c6a473789d8c6b21ebb4b89a6b0ec2e1c9c618fb1437ebc77d3a269","ssdeep":"1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT","tlshash":"b663d5d9b2c67062db7730b950bf410bf07a98dab44c8c60e198d8d47d78a99817bf2d","size":69597,"data":"","first_seen":"2023-03-07T01:02:43Z","last_seen":"2026-04-09T15:56:34.133165Z","times_seen":76742,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","size":48944,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.133687Z","times_seen":103573,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"10c6db510fa5e86ca96c9e5478998536","sha1":"be37bd9e1d8e9ace1a0d36b68ac844316073f0d6","sha256":"00de48e5cc9a51c60b85c1b75fc1552fca4090e5e17ec5162c35f6edcc803c9a","sha512":"a3a2fd3ed34de798c44973b4ec0e7d74486506d2c2ecbb464cd9454ca041f78193478b64d9f1d8aa20dd57a58a4f10f4e342dbbdbf4bc0fe9ee6af501347c17e","ssdeep":"","tlshash":"7fd05ef772e619b00bde76ef182287497c78c8349c152054ac6c84719074e9554aaa94","size":255,"data":"","first_seen":"2023-03-07T13:52:30Z","last_seen":"2026-04-09T14:03:30.858509Z","times_seen":234,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.1342Z","times_seen":120818,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"70d3fda195602fe8b75e0097eed74dde","sha1":"c3b977aa4b8dfb69d651e07015031d385ded964b","sha256":"a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66","sha512":"51affb5a8cfd2f93b473007f6987b19a0a1a0fb970ddd59ef45bd77a355d82abbbd60468837a09823496411e797f05b1f962ae93c725ed4c00d514ba40269d14","ssdeep":"384:+CbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb964:zb4xGmiJfaf7gxQvVU7eziv+cSjknZ3f","tlshash":"1c82a3cc3291b06643a79167a06f960fb2339979614e9410f199f2d87c70ef9913fc7a","size":19188,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T16:04:57.347447Z","times_seen":104345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"50269a5c4bb0b82d479ce39d3debb16c","sha1":"7d2d8e2693dc353cd52bcb010c12bea6dee2c4ee","sha256":"1907e0faf4a94ed2bf53eb7eea33143b11fc44882e978c7b12c1c26f895a26af","sha512":"07c5baa39ca5a6cfa61ed24052f4620b9f89788e058e7b176ef5e5aab6c4e2bf208d7d2457012871b9c90ac7794e67beb355d3e1a4b8db7f772c78e96e0ea9b1","ssdeep":"","tlshash":"31e07d0c18702330826f1003c89ea9c06de617c46027d0d1c0cd9c5254a0d3fd17fda2","size":316,"data":"","first_seen":"2023-03-07T13:52:30Z","last_seen":"2026-04-09T14:03:30.859064Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.1342Z","times_seen":120818,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"abfaddc2d80a6facf237821a9bd306d3","sha1":"bad307ff2199619d65a0fe124098d66f3daf56e9","sha256":"e4fa874b63a70bb25ef2e418e7ac254d925a4b76e0b76c9fbd83c3def9013161","sha512":"abbded1838ec74704b455de1076d317eadca706ccf54f8f222658f9797d425f3a8e157feb89c6b4e3c477f3dec911c465605bdfd1640862996ba8f076349aefa","ssdeep":"","tlshash":"5d51a445e09222a30473207825bfa28535b28b472546df48359cca88bf3cf3fbd7115b","size":2557,"data":"","first_seen":"2026-04-09T12:19:28.828471Z","last_seen":"2026-04-09T14:03:30.859504Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff","fqdn":"prod-cdn.wetransfer.net","domain":"wetransfer.net","tld":"net"},"ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wetransfer.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sat, 31 May 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:9C:13:F1:EB:4D:B9:AB:7B:01:CB:1A:57:9F:D0:9D:B9:80:74:3F","sha256":"A1:5C:76:DB:AC:9E:FE:69:72:E3:60:14:42:F7:E0:A2:38:BA:C9:59:0A:13:65:3B:A6:51:9A:39:45:16:FD:AD"}}},"request":{"raw":"GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1\r\nHost: prod-cdn.wetransfer.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nOrigin: https://abba-unick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff\r\ncontent-length: 43188\r\ndate: Tue, 07 Apr 2026 17:58:18 GMT\r\nlast-modified: Thu, 21 Dec 2023 14:25:55 GMT\r\netag: \"55576599a2d772f9297c5036d355b1fb\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: l-NmyyhuAHt1iz-hxMV_CS06_SqFoVBj78Bye6JZAdqG99F-qdHfaQ==\r\nage: 158670\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":43188,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 43188, version 0.0","md5":"55576599a2d772f9297c5036d355b1fb","sha1":"c52e4f9a59137105deb12a3de25ee7d5a15fd286","sha256":"1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73","sha512":"8270b97f43ffbe59405d81a988a5c194b15dcb3159d49ff7c37560c90069f1eef67bab8e15c2dcce69fb5cf51810d4d4834af69db6b6571bc3d0464c5d6b6514","ssdeep":"768:x94SBRGblSQhMXU2pewGKB6kuvBkW3fsNPSghXI+Ktehv2hMobEh5p:xhBcBoU2plBIBvODFy4hehMl5p","tlshash":"27130253c89b3f9c70b6b3bb55365ee128895c03e0666f1e3b41ec466f2b4d052e9351","first_seen":"2023-04-30T22:39:51Z","last_seen":"2026-04-09T14:03:30.85474Z","times_seen":1978,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":91,"dns":22,"connect":2,"send":0,"wait":7,"receive":1,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 04 May 2020 21:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6644\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":19188,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19015)","md5":"70d3fda195602fe8b75e0097eed74dde","sha1":"c3b977aa4b8dfb69d651e07015031d385ded964b","sha256":"a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66","sha512":"51affb5a8cfd2f93b473007f6987b19a0a1a0fb970ddd59ef45bd77a355d82abbbd60468837a09823496411e797f05b1f962ae93c725ed4c00d514ba40269d14","ssdeep":"384:+CbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb964:zb4xGmiJfaf7gxQvVU7eziv+cSjknZ3f","tlshash":"1c82a3cc3291b06643a79167a06f960fb2339979614e9410f199f2d87c70ef9913fc7a","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T16:04:57.347447Z","times_seen":104345,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 26 Jan 2021 04:04:04 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12542\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48944,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48664)","md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.133687Z","times_seen":103573,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-09T14:02:46.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:15:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 155610\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Popper:1.12.9","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"jQuery:3.2.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":636718,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (62760), with CRLF line terminators","md5":"ce2230813444005e3718a32732b43176","sha1":"574849f3ab9728187aa798d4ab602c7193ef821e","sha256":"a01216c1f9e1ee87b9c57a07c491d5cc65eeb21110f5b5f410405e4332ac610f","sha512":"c122868da116a3202b83974caf4bd79f8a62f0068e16a6fffaf22ec95433fff3190f2cfe7a1ea62bf03d3b3f42e59f115accbf1c017f330800ed3eb293ae7899","ssdeep":"12288:rkTBMXjRSZEq1juWQO1iJD5WvQPW2o0otol4:rC9ZEqBuWQO1iJD5Wvh","tlshash":"b2d45b36a6691914db7bcab6b5c1fe943c24ed13c143c4d8f18563accac72254bf2b1a","first_seen":"2026-04-09T12:19:28.821932Z","last_seen":"2026-04-09T14:03:30.856862Z","times_seen":4,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":55,"dns":0,"connect":27,"send":0,"wait":44,"receive":53,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/vendor-ef8fd9ca3a0295622111.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/vendor-ef8fd9ca3a0295622111.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32532\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249867,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"2450720275927c630a168aea0ba542f6","sha1":"67376850e0a314720db38c64540b4603b754a54c","sha256":"59a6a05bab7e795c84404fe205348e9e90f820983ae4774ea9cd384898bb5bad","sha512":"61f6781f89b54032401cdda54abb40b87818ddf3ff0638073811ecac53fece3ddcceb8c8f3aaf1a0faa7face5ddfda875eeb492eaac0236615741e6ac0667bd3","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4WW:uFcFMeWFHFYdqX7NFq","tlshash":"c134ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.824656Z","last_seen":"2026-04-09T14:03:30.857458Z","times_seen":4,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff","fqdn":"prod-cdn.wetransfer.net","domain":"wetransfer.net","tld":"net"},"ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wetransfer.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sat, 31 May 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:9C:13:F1:EB:4D:B9:AB:7B:01:CB:1A:57:9F:D0:9D:B9:80:74:3F","sha256":"A1:5C:76:DB:AC:9E:FE:69:72:E3:60:14:42:F7:E0:A2:38:BA:C9:59:0A:13:65:3B:A6:51:9A:39:45:16:FD:AD"}}},"request":{"raw":"GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1\r\nHost: prod-cdn.wetransfer.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nOrigin: https://abba-unick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff\r\ncontent-length: 32124\r\ndate: Tue, 07 Apr 2026 17:58:18 GMT\r\nlast-modified: Thu, 21 Dec 2023 14:25:54 GMT\r\netag: \"868aedeefe7669e8a4f7196f7df5d058\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: z4isRfreWF7UGQJh3cFqK2AXxaxcXdMs7GPpMyeoxn9iW-rkkgfvjQ==\r\nage: 158670\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":32124,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 32124, version 1.6554","md5":"868aedeefe7669e8a4f7196f7df5d058","sha1":"45bd20ef2c6b717a2526efd98a01207979b2a623","sha256":"d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555","sha512":"45557b3f328f014fcbf09a848b2f22e66c41968b03523976f66f9381b0408461766f1b837caaa67a26c4b707ea81ef32cf59776244d19bf0d569c63753b5c0b6","ssdeep":"384:9KqyAC8A/DfD+jM4dELqNANmz6tHTp9cQkHusYuItzXpWiwhXG+l9dmUbggofHJ5:9JY8A/74miY9uQATzi8t9dmMgdU8p7j","tlshash":"58e2f1b36a6673d5e06c3b7787afb6607c9f4ef8e4ac407847e2cdd80659242d422463","first_seen":"2023-04-30T22:39:51Z","last_seen":"2026-04-09T14:03:30.854265Z","times_seen":2099,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":30,"dns":23,"connect":2,"send":0,"wait":3,"receive":1,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 26 Jan 2021 04:04:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 13430\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.1342Z","times_seen":120818,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff","fqdn":"prod-cdn.wetransfer.net","domain":"wetransfer.net","tld":"net"},"ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wetransfer.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sat, 31 May 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:9C:13:F1:EB:4D:B9:AB:7B:01:CB:1A:57:9F:D0:9D:B9:80:74:3F","sha256":"A1:5C:76:DB:AC:9E:FE:69:72:E3:60:14:42:F7:E0:A2:38:BA:C9:59:0A:13:65:3B:A6:51:9A:39:45:16:FD:AD"}}},"request":{"raw":"GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1\r\nHost: prod-cdn.wetransfer.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nOrigin: https://abba-unick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff\r\ncontent-length: 31120\r\ndate: Tue, 07 Apr 2026 17:58:18 GMT\r\nlast-modified: Thu, 21 Dec 2023 14:25:54 GMT\r\netag: \"57cbbfdafc43e0deecc75a309dd042c6\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 4_Ey6c3ILqQVi_vbwqCS4KqwuJIlidA1th5Gpfx_zK_omGQu-TmHbA==\r\nage: 158670\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":31120,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 31120, version 1.6554","md5":"57cbbfdafc43e0deecc75a309dd042c6","sha1":"b9cc2ff331b8520706de175f5b3fdba6731a9bfc","sha256":"a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6","sha512":"c997d44853dbc86c4a75e123306e504ab88ffdd7449b196ab200018adf355183a474ef71f31e61f949be3cb7bac888d3f3a22aec4226f9d50bd8b3fbde1ef13c","ssdeep":"768:P75Q02qtpsFozdYYk5SdY8cyynGiYENuQO9h:Nd2wq2zdYYktF5Nc","tlshash":"3dd2f1605f22c642d7baf9fef8e55ea488e147b4043cb26b0d5ed4ad9cd469901c306c","first_seen":"2023-04-30T22:39:51Z","last_seen":"2026-04-09T14:03:30.846698Z","times_seen":2095,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":95,"dns":21,"connect":2,"send":0,"wait":8,"receive":1,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/fbevents.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/fbevents.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32510\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249848,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"dde0610340d3582581a8ae445603d5c0","sha1":"9d3700f36651575645990cc8fa8a320142047efe","sha256":"f24363e7b4ab5502201c90eb6a67b08acb8b20efc60a1f46087bad1e68dd5983","sha512":"d04f0a5f6d632242c0dc3e6c49619ce8693bf50ee2ff3beb75e202d4eb4a7460c220765b85911ad1c0766fe03d6b99fc99f2476b57020d6c656a43b94ac6c459","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4WD:uFcFMeWFHFYdqX7NFv","tlshash":"f734ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.819374Z","last_seen":"2026-04-09T14:03:30.848834Z","times_seen":4,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/0.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/0.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32505\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249840,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"717d902c726ebcdabfba6f211fdf60f7","sha1":"f2f6a388ae174932ebdee4621d14bcc7324685de","sha256":"5650b201e89cdb5ffaca13d19652117d9f5345557432d039d4e7504935896c5e","sha512":"aa09e5fcbfb576b7d1d71e8ac007e4568399e9a94b8d4e624a97f874c03894ff0624b52e16008892b5fb7e41fd1d949fc16d31df88e4a55ddb60c369c833bbf8","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4WV:uFcFMeWFHFYdqX7NF5","tlshash":"d234ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.807739Z","last_seen":"2026-04-09T14:03:30.855888Z","times_seen":4,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/code.jquery.com/jquery-3.2.1.slim.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /code.jquery.com/jquery-3.2.1.slim.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 18 Oct 1991 17:00:00 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 23384\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":69597,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32012)","md5":"5f48fc77cac90c4778fa24ec9c57f37d","sha1":"9e89d1515bc4c371b86f4cb1002fd8e377c1829f","sha256":"9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398","sha512":"cab8c4afa1d8e3a8b7856ee29ae92566d44ceead70c8d533f2c98a976d77d0e1d314719b5c6a473789d8c6b21ebb4b89a6b0ec2e1c9c618fb1437ebc77d3a269","ssdeep":"1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT","tlshash":"b663d5d9b2c67062db7730b950bf410bf07a98dab44c8c60e198d8d47d78a99817bf2d","first_seen":"2023-03-07T01:02:43Z","last_seen":"2026-04-09T15:56:34.133165Z","times_seen":76742,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 04 Mar 2020 01:15:00 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 29167\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-09T16:26:34.360405Z","times_seen":269557,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"mk2-b4c8d3.ingress-earth.ewp.live/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff","fqdn":"mk2-b4c8d3.ingress-earth.ewp.live","domain":"mk2-b4c8d3.ingress-earth.ewp.live","tld":"ingress-earth.ewp.live"},"ip":{"addr":"63.250.43.129","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ingress-earth.ewp.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CF:DA:12:6B:38:91:02:10:F5:47:78:7C:AF:80:FF:15:35:76:D8:1B","sha256":"C4:E9:92:95:21:77:5B:3F:20:50:4B:26:DA:6B:2D:09:0F:B8:0A:A2:C3:D3:E3:43:ED:80:DD:3A:C3:9F:6C:1D"}}},"request":{"raw":"GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff HTTP/1.1\r\nHost: mk2-b4c8d3.ingress-earth.ewp.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://abba-unick.com/\r\nOrigin: https://abba-unick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":13290,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5189)","md5":"8553bbcbb84d45213214887c96cadf69","sha1":"85f99f563a8188cf9bd3fd12e4cc53fcb693d8bf","sha256":"a3b1fbae97dc371670f87abde3b60cfaa0caf17c1878e7f08c123b66429f7fbc","sha512":"59a6abe016c89085cfdbf5f7a24904f1bba14b2090c774f1ae4557d297685a84c3b5e720025b30a0a3b5a47b06808ad602ca76fe99a98933dde33b734538632e","ssdeep":"192:xqkuICh/1y31t8uWuIPh/1y31t8uFOxarz2yAMGHimRyZY3JCsR+IcPzB4:cbIu41vIV417igz2yAfHGyJZR+DzW","tlshash":"9d529e7f1656446e1a9102bc4dd424090ded3487bae280d2f89d93ae1fea42075bb8bd","first_seen":"2025-05-28T12:06:52.097481Z","last_seen":"2026-04-09T14:03:30.84477Z","times_seen":43,"resource_available":false,"data":null}},"time_used":2029,"timings":{"blocked":575,"dns":40,"connect":161,"send":0,"wait":848,"receive":24,"ssl":378},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mk2-b4c8d3.ingress-earth.ewp.live/packs/media/images/globe-dd3d31e7.svg","fqdn":"mk2-b4c8d3.ingress-earth.ewp.live","domain":"mk2-b4c8d3.ingress-earth.ewp.live","tld":"ingress-earth.ewp.live"},"ip":{"addr":"63.250.43.129","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ingress-earth.ewp.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CF:DA:12:6B:38:91:02:10:F5:47:78:7C:AF:80:FF:15:35:76:D8:1B","sha256":"C4:E9:92:95:21:77:5B:3F:20:50:4B:26:DA:6B:2D:09:0F:B8:0A:A2:C3:D3:E3:43:ED:80:DD:3A:C3:9F:6C:1D"}}},"request":{"raw":"GET /packs/media/images/globe-dd3d31e7.svg HTTP/1.1\r\nHost: mk2-b4c8d3.ingress-earth.ewp.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T16:28:35.979051Z","times_seen":13545948,"resource_available":true,"data":null}},"time_used":1373,"timings":{"blocked":575,"dns":41,"connect":163,"send":0,"wait":199,"receive":18,"ssl":372},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/17116643.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/17116643.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32509\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249848,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"2e224fb2b2dfc75c5820f457c638efcf","sha1":"de5d63b6df244141568356f2d198c135ec09523d","sha256":"5c8b7e4b6ca6a6e80f789b9b25dc494873d1471dad047c474e387b8602e91046","sha512":"6d8a85e7f157991e4a60efdf78372f19bc424bcd839d5cade94d8d5595c54d862db985dafc8028028b92149628ea64dd0c10e361a293080b7725aec021e0512d","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4W9:uFcFMeWFHFYdqX7NFJ","tlshash":"ba34ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.805056Z","last_seen":"2026-04-09T14:03:30.851194Z","times_seen":4,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"mk2-b4c8d3.ingress-earth.ewp.live/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff","fqdn":"mk2-b4c8d3.ingress-earth.ewp.live","domain":"mk2-b4c8d3.ingress-earth.ewp.live","tld":"ingress-earth.ewp.live"},"ip":{"addr":"63.250.43.129","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ingress-earth.ewp.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CF:DA:12:6B:38:91:02:10:F5:47:78:7C:AF:80:FF:15:35:76:D8:1B","sha256":"C4:E9:92:95:21:77:5B:3F:20:50:4B:26:DA:6B:2D:09:0F:B8:0A:A2:C3:D3:E3:43:ED:80:DD:3A:C3:9F:6C:1D"}}},"request":{"raw":"GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1\r\nHost: mk2-b4c8d3.ingress-earth.ewp.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://abba-unick.com/\r\nOrigin: https://abba-unick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":11842,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3741)","md5":"7c519fab95a2f4e4f8f80ec8f12a95c2","sha1":"0a439d8a18b669d874c1c90dcb1384be8f7a6946","sha256":"b2aabc5082eb57904c48984049e33afce9eba763be42cc220b421e9461a8e2a5","sha512":"8561759ba8a0e2188cc06bc0f6c2436db923a998e1bbba25f68e2defa9a34b6c467a0c1082902caa832ae2fe36d0dd3d2302bad876f5e8abaf3061a42adcdb04","ssdeep":"192:xqkuICh/1y31t8uWuIPh/1y31t8uFOxarz2yAMGHimRyZY3JCsR+IW:cbIu41vIV417igz2yAfHGyJZR+D","tlshash":"a8328e7f1516486e06e202bc4ed0294d0ded3487fdd284d2f49da3fe0fe941069ab96d","first_seen":"2025-05-10T18:30:36.366975Z","last_seen":"2026-04-09T14:03:27.155597Z","times_seen":14,"resource_available":false,"data":null}},"time_used":1365,"timings":{"blocked":570,"dns":39,"connect":163,"send":0,"wait":197,"receive":20,"ssl":373},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 26 Jan 2021 04:04:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 13430\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.1342Z","times_seen":120818,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/runtimeapplication-bafdd8b86fd88bb4273d.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/runtimeapplication-bafdd8b86fd88bb4273d.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32532\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249879,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"d27fe488882fc26ea1203d58b4192e56","sha1":"c99de976c4e9c613c20a41a15c211afa1cccd700","sha256":"9cfab40dff3d62db6b8c3900aea7398ece8065aea8f943ab56143e5cc8b3efa4","sha512":"cd1617f860b04587ff0a37fc2af4fee8ef8c0e31c8d003918b99bca13689067b9731e563d5aaf8f37a65e4de1dba1bcf29f021e78a8acad4d876a899094005d1","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4Wy:uFcFMeWFHFYdqX7NFO","tlshash":"9f34ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.809592Z","last_seen":"2026-04-09T14:03:30.845991Z","times_seen":4,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/application-c2b6f877fed288c2431f.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/application-c2b6f877fed288c2431f.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32525\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249872,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"9e0101d5a515722aab9e6172ebb72a6c","sha1":"6f862ad397a0aa1c1781cfd7e809e2604e6fecdd","sha256":"92e8140fbda9c5d28c41349cc7d4723114aee6c6268d84711ef79a1913f0b7a9","sha512":"2adec51146dc088abd9c20555d7ecc534ed44a3cc7a9ef79ac0a9e72544c73de378db22a7f6dca4427c720ef51bc9b2d8dc9295ff1f5569322edc5650c89ba7b","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4WS:uFcFMeWFHFYdqX7NF+","tlshash":"c734ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.823405Z","last_seen":"2026-04-09T14:03:30.851871Z","times_seen":4,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"prod-cdn.wetransfer.net/packs/media/transfer_window/email-verification-lock-e6ed8c56.svg","fqdn":"prod-cdn.wetransfer.net","domain":"wetransfer.net","tld":"net"},"ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wetransfer.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sat, 31 May 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:9C:13:F1:EB:4D:B9:AB:7B:01:CB:1A:57:9F:D0:9D:B9:80:74:3F","sha256":"A1:5C:76:DB:AC:9E:FE:69:72:E3:60:14:42:F7:E0:A2:38:BA:C9:59:0A:13:65:3B:A6:51:9A:39:45:16:FD:AD"}}},"request":{"raw":"GET /packs/media/transfer_window/email-verification-lock-e6ed8c56.svg HTTP/1.1\r\nHost: prod-cdn.wetransfer.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ndate: Mon, 18 Aug 2025 06:03:41 GMT\r\nlast-modified: Thu, 21 Dec 2023 14:26:03 GMT\r\ncontent-encoding: gzip\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\nserver: AmazonS3\r\netag: W/\"207f0c93fc997af575b8b9ad9db8777c\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: S_SCxEPvtKjfdWtG0yrLDmmwYG0LOWv4dQB_HhiHUYW47H7GuJIjBw==\r\nage: 20246347\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1747,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"207f0c93fc997af575b8b9ad9db8777c","sha1":"9f7d95b4aacc2545baa6998d51041ec317fd4543","sha256":"03f8a16b83dee3c100530e0d94d6dd12833087841e1b7f5e56ca65c890984d92","sha512":"342281ab94285f9df2fc55af42ef780c046cbd70bffdad9b873f99ca6116515a8180cab79224c47d093e3643f0766429074b9164f482e6cb42d6ca88725de370","ssdeep":"","tlshash":"0e3142666339537ad424e32c8e3950b55b2395f0df1c302dd0a11833749a6cf9ed2af8","first_seen":"2023-05-15T21:49:42Z","last_seen":"2026-04-09T14:03:30.838553Z","times_seen":205,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":78,"dns":12,"connect":1,"send":0,"wait":3,"receive":0,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/0.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/0.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32505\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249840,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"717d902c726ebcdabfba6f211fdf60f7","sha1":"f2f6a388ae174932ebdee4621d14bcc7324685de","sha256":"5650b201e89cdb5ffaca13d19652117d9f5345557432d039d4e7504935896c5e","sha512":"aa09e5fcbfb576b7d1d71e8ac007e4568399e9a94b8d4e624a97f874c03894ff0624b52e16008892b5fb7e41fd1d949fc16d31df88e4a55ddb60c369c833bbf8","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4WV:uFcFMeWFHFYdqX7NF5","tlshash":"d234ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.807739Z","last_seen":"2026-04-09T14:03:30.855888Z","times_seen":4,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 26 Jan 2021 04:04:04 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12542\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48944,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48664)","md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.133687Z","times_seen":103573,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/code.jquery.com/jquery-3.2.1.slim.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /code.jquery.com/jquery-3.2.1.slim.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 18 Oct 1991 17:00:00 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 23384\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":69597,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32012)","md5":"5f48fc77cac90c4778fa24ec9c57f37d","sha1":"9e89d1515bc4c371b86f4cb1002fd8e377c1829f","sha256":"9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398","sha512":"cab8c4afa1d8e3a8b7856ee29ae92566d44ceead70c8d533f2c98a976d77d0e1d314719b5c6a473789d8c6b21ebb4b89a6b0ec2e1c9c618fb1437ebc77d3a269","ssdeep":"1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT","tlshash":"b663d5d9b2c67062db7730b950bf410bf07a98dab44c8c60e198d8d47d78a99817bf2d","first_seen":"2023-03-07T01:02:43Z","last_seen":"2026-04-09T15:56:34.133165Z","times_seen":76742,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 04 Mar 2020 01:15:00 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 29167\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-09T16:26:34.360405Z","times_seen":269557,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 26 Jan 2021 04:04:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 13430\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T15:56:34.1342Z","times_seen":120818,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/analytics.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/analytics.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32519\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249849,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"c5f0db00045f75da12172e30e26f3810","sha1":"1e7b5350ca5347f35da750d411571e095fd1f92c","sha256":"1a7880f4f5ba293a62acb8ca980bb0757bf33c5439daf25b39b94ac06dfa305d","sha512":"cd334376f8cd4c8378108fb2458bd6482cc9f6a7a3505da3fe0508e54ed36c3a2fefd2139a740948239b99bb34029c9c6086d7e92671e4b2cb58d85c9d1404a1","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4Wm:uFcFMeWFHFYdqX7NFi","tlshash":"4a34ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.797781Z","last_seen":"2026-04-09T14:03:30.855279Z","times_seen":4,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/wallpaper-59e18dcf37d4cc5f163b.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/wallpaper-59e18dcf37d4cc5f163b.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32528\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249870,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"580629bfd353bebad5e25df032ff2aa7","sha1":"dcc0b09627658c6c59d88a90f945b3d6be5d19cc","sha256":"6959b8cf18bf4a83b0a74865f5fc4d5018111adfed4b074b7d67712fdda13578","sha512":"c6ddebeaa1cbc257666f051a45ae4c63ea8726491c7c890a53cee23fb885f9acbf0946d96a94843fdb8c9e01e37dfe422685a1a349dae764a5904e4349c73588","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4Wf:uFcFMeWFHFYdqX7NFz","tlshash":"fb34ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.812573Z","last_seen":"2026-04-09T14:03:30.847258Z","times_seen":4,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Apr 2026 14:02:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 04 May 2020 21:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6644\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":19188,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19015)","md5":"70d3fda195602fe8b75e0097eed74dde","sha1":"c3b977aa4b8dfb69d651e07015031d385ded964b","sha256":"a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66","sha512":"51affb5a8cfd2f93b473007f6987b19a0a1a0fb970ddd59ef45bd77a355d82abbbd60468837a09823496411e797f05b1f962ae93c725ed4c00d514ba40269d14","ssdeep":"384:+CbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb964:zb4xGmiJfaf7gxQvVU7eziv+cSjknZ3f","tlshash":"1c82a3cc3291b06643a79167a06f960fb2339979614e9410f199f2d87c70ef9913fc7a","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-09T16:04:57.347447Z","times_seen":104345,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico","fqdn":"prod-cdn.wetransfer.net","domain":"wetransfer.net","tld":"net"},"ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:48.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wetransfer.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sat, 31 May 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:9C:13:F1:EB:4D:B9:AB:7B:01:CB:1A:57:9F:D0:9D:B9:80:74:3F","sha256":"A1:5C:76:DB:AC:9E:FE:69:72:E3:60:14:42:F7:E0:A2:38:BA:C9:59:0A:13:65:3B:A6:51:9A:39:45:16:FD:AD"}}},"request":{"raw":"GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1\r\nHost: prod-cdn.wetransfer.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 41566\r\ndate: Thu, 11 Sep 2025 04:40:07 GMT\r\nlast-modified: Thu, 21 Dec 2023 14:25:56 GMT\r\netag: \"692e1c7339c359b6412f059c9c9a0474\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 7DKBeiRDLT83ey1C1YL3OUQ5D1wwlzEEDJhRPGxA6vKOYVSKB3S1iQ==\r\nage: 18177762\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":41566,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"692e1c7339c359b6412f059c9c9a0474","sha1":"e7c1a53dca16b7664880e5b8a92524cf9a47fb62","sha256":"d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda","sha512":"115b958093186bf5f98beced2bde91775121083b1e73f720372d793a23ebc7cf130cc4c6196f5f0d725a809fd63997666ae1de36cf070dcb6b6d2178c6796894","ssdeep":"96:pnvhextGn8hK7mxOBsOqHJt46FWJisw0msSieZQckSpyt:pnZHKzxOeOqf46FWuASjQcA","tlshash":"0f13459726c4ca1cc7916f33c0e245fad77adc96cd34ae0fa18cbe5a7471529285b14c","first_seen":"2023-05-01T18:12:38Z","last_seen":"2026-04-09T14:03:30.848379Z","times_seen":2572,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/bat.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/bat.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32504\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249843,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"3a46827a94ae08ec81b69bf8b64ff790","sha1":"a244cb20f02440b34571534d9ceafb851fe167ad","sha256":"383407c6eba9681778d46ae9d86101f740f3ee41e904ca0a0121e4ff1629b38b","sha512":"9189db5d3995e8251cf273a210c335dbd61072ca72700f50b21dc304b10de0ab65f779aeadea1dbe391278595e2d06e70a615343beb268f53c3fed0abaf7d5ac","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4W5:uFcFMeWFHFYdqX7NFV","tlshash":"5634ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.815702Z","last_seen":"2026-04-09T14:03:30.845332Z","times_seen":4,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/gtm_002.html","fqdn":"abba-unick.com","domain":"abba-unick.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:46.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abba-unick.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 11:14:51 GMT","end":"Sun, 21 Jun 2026 11:14:50 GMT"},"fingerprint":{"sha1":"56:95:09:6E:B1:81:04:DF:BF:1A:C6:79:D7:EC:05:17:12:07:58:95","sha256":"8F:82:97:2C:6B:55:C8:FC:D3:98:65:BF:F9:A4:EC:A6:A1:E8:52:42:49:96:5A:B1:35:C0:C5:1A:DA:0C:31:68"}}},"request":{"raw":"GET /ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/css/gtm_002.html HTTP/1.1\r\nHost: abba-unick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abba-unick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 15:16:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32514\r\ndate: Thu, 09 Apr 2026 14:02:46 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249847,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (63640)","md5":"65519909c7579f68ba445fcf720b2226","sha1":"887da8b93e2f39c72e2e05f976a9bf8d50a57e89","sha256":"e2a5870628fe61fbff0d5a45561d55b00031d930fe62592e325ce46b6c7cfc8f","sha512":"ebe0fa21a83be71f61c5c3ca871f899858eb637526806d8a458281a110e89b3b451a920542bd3bb5b7f5cc8856167585305c60a305c9caffb72ab808faf8c3d0","ssdeep":"3072:uFcF23qAG7Jt7eLXh98Tht7qt75jlFW3qAG7d3qAG7kF03qAG7Y3qAG7qhpLq4Wt:uFcFMeWFHFYdqX7NFB","tlshash":"e234ff29f352c1b7dd8fc4afce60903e6418c7eea8d583019a3c872f56a16d9551e3ac","first_seen":"2026-04-09T12:19:28.800858Z","last_seen":"2026-04-09T14:03:30.850543Z","times_seen":4,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"abba-unick.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"abba-unick.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"mk2-b4c8d3.ingress-earth.ewp.live/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff","fqdn":"mk2-b4c8d3.ingress-earth.ewp.live","domain":"mk2-b4c8d3.ingress-earth.ewp.live","tld":"ingress-earth.ewp.live"},"ip":{"addr":"63.250.43.129","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://abba-unick.com/ipfs.io/ipfs/bafybeib775dy6zdifo7zv6ywuotl2srxpo2e7hcwe2nnd5ace3kgl4462y/myagufri1-we-image.html","date":"2026-04-09T14:02:47.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ingress-earth.ewp.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CF:DA:12:6B:38:91:02:10:F5:47:78:7C:AF:80:FF:15:35:76:D8:1B","sha256":"C4:E9:92:95:21:77:5B:3F:20:50:4B:26:DA:6B:2D:09:0F:B8:0A:A2:C3:D3:E3:43:ED:80:DD:3A:C3:9F:6C:1D"}}},"request":{"raw":"GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1\r\nHost: mk2-b4c8d3.ingress-earth.ewp.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://abba-unick.com/\r\nOrigin: https://abba-unick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Thu, 09 Apr 2026 14:02:47 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":11842,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3741)","md5":"7c519fab95a2f4e4f8f80ec8f12a95c2","sha1":"0a439d8a18b669d874c1c90dcb1384be8f7a6946","sha256":"b2aabc5082eb57904c48984049e33afce9eba763be42cc220b421e9461a8e2a5","sha512":"8561759ba8a0e2188cc06bc0f6c2436db923a998e1bbba25f68e2defa9a34b6c467a0c1082902caa832ae2fe36d0dd3d2302bad876f5e8abaf3061a42adcdb04","ssdeep":"192:xqkuICh/1y31t8uWuIPh/1y31t8uFOxarz2yAMGHimRyZY3JCsR+IW:cbIu41vIV417igz2yAfHGyJZR+D","tlshash":"a8328e7f1516486e06e202bc4ed0294d0ded3487fdd284d2f49da3fe0fe941069ab96d","first_seen":"2025-05-10T18:30:36.366975Z","last_seen":"2026-04-09T14:03:27.155597Z","times_seen":14,"resource_available":false,"data":null}},"time_used":2034,"timings":{"blocked":574,"dns":38,"connect":163,"send":0,"wait":868,"receive":12,"ssl":372},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}