Report - abuturkeypharma.com/tame/?31127871//////////////////////////////////////////////////////////////////////////////////////////////

Report Overview

Visited public
2023-12-08 15:46:18
Tags
URL
abuturkeypharma.com/tame/?31127871//////////////////////////////////////////////////////////////////////////////////////////////
Finishing URL
abuturkeypharma.com/
IP / ASN
192.185.167.112
#46606 UNIFIEDLAYER-AS-1
Title
Abu Turkey Pharmacy – Abu Turkey Pharmacy

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

212

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-08 07:46:22	3.3 kB	145 kB	216.58.207.227
maps.google.com	1899	1997-09-15	2012-09-11 01:07:43	2023-12-07 22:29:37	759 B	560 B	216.58.211.14
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	703 B	1.8 kB	142.250.74.132
maps.googleapis.com	33876	2005-01-25	2019-10-17 17:56:16	2023-12-08 10:34:47	4.3 kB	233 kB	142.250.74.170
maps.gstatic.com	unknown	2008-02-11	2016-01-11 17:55:17	2023-12-08 09:23:00	441 B	62 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-08 07:43:19	2.0 kB	76 kB	216.58.211.10
abuturkeypharma.com	unknown	unknown	No data	No data	27 kB	6.2 MB	192.185.167.112

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed
2023-12-08	medium	abuturkeypharma.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (38)

	URL	From	Size	First Seen	Last Seen
	abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=78442573	ScriptElement	6.4 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=78442573 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen3 Hash 74e1b838818c8f4a6d925fc7d628584e 7d5d41dda54d099ff0e51dcd28b256c937f64c37 eddf169134f4a4cb40f12639722c0f90c61498c589bb569c8f09fbd5e117f572 Loading...

	abuturkeypharma.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.5.1	ScriptElement	26 kB	2023-12-08	2023-12-09
Pretty URL abuturkeypharma.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.5.1 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2023-12-09 15:11 Times Seen3 Hash f3daea7f000ab24af0ce45e77e0ab79c 953006ce48bb1c54233913f3466fc325a23224b4 85d44cf7d99f325a51c1c5b710529da59f402b4258ea6fe197b1c813c77e89ec Loading...

	abuturkeypharma.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.5.2	ScriptElement	5.7 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.5.2 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen5 Hash 2f9c68726f290df83540dfaac7079ce8 16ce61272eeb95f28d844a840211347ebf625f2f c3b8500f041817ec257cbace246622ca66a490c80e7cf9a2f18a4b08d401fcd0 Loading...

	abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=78442573	ScriptElement	10 kB	2023-12-08	2023-12-09
Pretty URL abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=78442573 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2023-12-09 15:11 Times Seen3 Hash ffac30e1398f595a4b56e385b30d0010 5de658d7a60a05753b582d102e99e05a8c60b703 f53e396227267ea64b75139a6e975342d461081a4a7e600438a80ecfaa8fa404 Loading...

	abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=78442573	ScriptElement	119 kB	2023-12-08	2023-12-09
Pretty URL abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=78442573 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2023-12-09 15:11 Times Seen3 Hash ca5650246ee5b191998c9dde0c4626e4 9af024f2470c12f94f43c58afc090529566aa168 2c0a7bc3045bf582b2fa3b4fe5157a089aa11256fd0b45e06d27d16f49bcc041 Loading...

	abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=78442573	ScriptElement	46 kB	2023-12-08	2023-12-09
Pretty URL abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=78442573 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2023-12-09 15:11 Times Seen3 Hash 54811933eba8c7474ba99e3150a7e4ec 3bee9704eccebf08af83bb18c4bd72977ce8bdde 67f048b539255315691d0afcf5d37c10455b4a476342b9d0eab968338a933347 Loading...

	abuturkeypharma.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	ScriptElement	26 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen12 Hash 871d86b5f0da6cf59062cad5e852d176 d737d17944fd7983cba706b648d8670780b91de3 f6f68d337e15317be614e8f282b7255312729ebde9e66ea3ad7d947a526658cf Loading...

	abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.2	ScriptElement	40 kB	2023-12-08	2025-05-11
Pretty URL abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.2 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 16:45 Last Seen2025-05-11 12:04 Times Seen500 Hash c73550ddd7a3fcd926fa431999aad30b a04cbc330ea7e15ae945c1d4a4a1350cc4d3247e 8418c0a3ed1f01df585330f8ee2c7dd76b81d1b9518d798f3afec991e33e1a6a Loading...

	abuturkeypharma.com/	ScriptElement	8.2 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen3 Hash 2585b929019c9b7d37d8bf49f545c0a1 59c4ea06f3302658ae50e81fb0062bec260d5b0a 9c5679cee38532d72b32f0596a958244bb80ce3a6f0a081c2e6c7721d3fb0c64 Loading...

	abuturkeypharma.com/	ScriptElement	136 B	2023-03-07	2025-05-10
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 17:55 Last Seen2025-05-10 20:58 Times Seen734 Hash 0b4e18209328afd753055d61828b70af 27aa746b84681acf16b2703198982b1799de4c85 66af123f4457bcc9e7d179c60476b91ed3a5a7dc427471f8ad0efa9dc5f3e3be Loading...

	abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=78442573	ScriptElement	18 kB	2023-12-08	2023-12-09
Pretty URL abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=78442573 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2023-12-09 15:11 Times Seen3 Hash 17b429aeb9c63a32649a70b6f390c053 898287ae4e5b1b145c2435f57b22021245fb5a02 968029b153fad600cdbe37227a79ab75c4a6dc95fa3a85551b7b365900a6094d Loading...

	abuturkeypharma.com/wp-includes/js/wp-util.min.js?ver=6.4.2	ScriptElement	6.3 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/wp-includes/js/wp-util.min.js?ver=6.4.2 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen5 Hash 12d1bae48159ed2f39952b6aa5e18fe4 400ab29dcd9aabb87e1441d7fc51314090919a96 62e913bd5c9c9b4326f67a4130ac8fc360528958eb1b13658d893bcebba37396 Loading...

	abuturkeypharma.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	ScriptElement	1.4 kB	2023-12-08	2025-05-11
Pretty URL abuturkeypharma.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 16:46 Last Seen2025-05-11 12:04 Times Seen400 Hash 2cc78a68e39466c42bd6517ff0a6fcc8 2c7c86cc682f740a22633ea2be35be9f14e7d884 221bab2e5cfaeca91dab53c40d1ddd63a2c5e6c03113be05170ae5af57acf48a Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/4/common.js	ScriptElement	262 kB	2023-12-06	2024-12-24
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/4/common.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 20:41 Last Seen2024-12-24 07:02 Times Seen1958 Hash 2f1f93a50ec0f20d9429cd4486075cd9 7e899396ac3541ac2ce40993a60cb3ef15ea4e6f 969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/4/search_impl.js	ScriptElement	3.3 kB	2023-12-06	2024-12-24
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/4/search_impl.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 20:41 Last Seen2024-12-24 07:02 Times Seen683 Hash 2518ef679c2d0c0c0758a3f97795e60d 260f8b57aa076ecd6092d7d80f5fd9bfe838d20d c15a24cfd927f84920b607b2764a5f7fde792140f08c64ea3808eec291b6d038 Loading...

	abuturkeypharma.com/	ScriptElement	2.7 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen3 Hash 15ab3ce3301a75aa5865e4555e7246df 473e6846489bef091f535d172fdc5cdc65d238ed 3740e76a31ad4a4d841bf39c41aa4bbba3785b881e8b97ddb3e8da20cb300048 Loading...

	abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.2	ScriptElement	60 kB	2023-12-08	2025-05-11
Pretty URL abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.2 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 16:46 Last Seen2025-05-11 12:04 Times Seen489 Hash d3fdb41f9b7969bd4726e500035eb991 6b51b288aeb0ffbce810c29b25ab6429d3831422 ffbc7ca1476a1b316bca7b7f14319dd5a94a19e8198c01f1d00953989e6b7c63 Loading...

	abuturkeypharma.com/	ScriptElement	360 B	2023-03-09	2025-05-08
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:23 Last Seen2025-05-08 18:04 Times Seen393 Hash 85039bbba74953fdbb9d0bc890df0ff6 42ed03194c0d6cda0f3c6be1b73f8276f954ea9c f1aa8c07f1ce8c3ccc3835f14ae85207dec88089db46b21bbf0b86f3d1ec824f Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/4/util.js	ScriptElement	178 kB	2023-12-06	2024-12-24
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/4/util.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 20:41 Last Seen2024-12-24 07:02 Times Seen1959 Hash 3aecc4da8982cd3ee2c71448592b54bd 2af800db00e7fe620d1a3828420c8d866ebd579c e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/4/onion.js	ScriptElement	27 kB	2023-12-06	2024-12-24
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/4/onion.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 20:41 Last Seen2024-12-24 07:02 Times Seen803 Hash 86a8ef66f5412b1da4106dfffbc074bd fa74c571ebb7bb185cc60075edfccc3f8c13e74c f192fc1904ff65df2e882e7cb7afa1432a424adeecefeb081c53c4fde85be8fe Loading...

	abuturkeypharma.com/	ScriptElement	128 B	2023-03-29	2025-05-10
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:51 Last Seen2025-05-10 20:34 Times Seen1411 Hash 60112762381056f83a42d8a85c36fd02 8c4f1759ec652c58deeb4cc8c8c207abde2b0abc 44085cdc042ab1d1c6b08a640a7b0145ee2e844d98204a1852b2685a72a39b7f Loading...

	abuturkeypharma.com/	ScriptElement	2.4 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 16:46 Last Seen2024-08-20 16:21 Times Seen2 Hash 82701fc4f298d7fc7e65acac1d3d03e4 a03cb298c9990b45ad99d5f69263c34849f618b3 326c264f2fb76ed8902a5d854800c4a8acc6daf2edbb506caa2c3bbed14f8b9a Loading...

	abuturkeypharma.com/wp-includes/js/underscore.min.js?ver=1.13.4	ScriptElement	24 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/wp-includes/js/underscore.min.js?ver=1.13.4 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen5 Hash e528240910a26f81ad7d541b271fe387 77bcc5d52918749584816c251b2a9dd068425832 760e47be195fb0074d017456508b7a228e92852ecb224dd1170fd1a21a9844b5 Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad	ScriptElement	184 kB	2023-12-08	2023-12-09
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 01:47 Last Seen2023-12-09 00:21 Times Seen16 Hash 7bef19ff0e40d9889134a9fa91041850 82605c6dab350591d8b7883ec6951de72c7f52ef f69856a53b83377714617e4c595dfc43855f01c19198b0504b456cf3f5d3602d Loading...

	maps.gstatic.com/maps-api-v3/embed/js/55/4/init_embed.js	ScriptElement	232 kB	2023-12-06	2024-12-24
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/55/4/init_embed.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 20:41 Last Seen2024-12-24 07:02 Times Seen736 Hash e5f346e72fb065c353010d0d8076499e 53bbae9cada660daf922ca2010fcf65bb3a3bf76 91c517b650261a41b75a3dff1ba8d77ab069db61b32df2cd470bc3bfad5409ce Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/4/map.js	ScriptElement	73 kB	2023-12-06	2024-12-24
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/4/map.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 20:41 Last Seen2024-12-24 07:02 Times Seen983 Hash 86808d6e775e7ab077eadd3952b9769a 1c7d8a35e618e143952d5bfe8900788b1b95fe34 0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c Loading...

	abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	ScriptElement	139 kB	2023-03-07	2025-05-11
Pretty URL abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 15:34 Times Seen7122 Hash 15bb2b8491fc7e84137d65f610e1685a cd76b70a5426893e9c022b9a75c50a7c1348e2d0 b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Loading...

	www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 19:27 Times Seen4656790 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	abuturkeypharma.com/	ScriptElement	70 B	2023-03-07	2025-05-11
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-05-11 18:14 Times Seen7112 Hash 4ff152a840e29705f2933718a2571bc3 6c7ed239bcd74ab7a0ea03b3dd4ab74ffceaff49 e426295764322c0b4d881b5da28c2591e9ff651fc07636da1e2979a62a2f349c Loading...

	abuturkeypharma.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	92 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen14 Hash 72555469f8accef0988730ccb7b0fc2c eb47441365e7ef5fa0685b13165bcaff8fa75550 90c6c22c5a05454f581ae4178cb4538f66224a4a407f4cba608b9f53844ccce3 Loading...

	abuturkeypharma.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.2	ScriptElement	5.0 kB	2023-12-08	2025-05-11
Pretty URL abuturkeypharma.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.2 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 16:46 Last Seen2025-05-11 12:04 Times Seen499 Hash 8de8645ec488db0544badcc9bc36549e ea34eb92f43d2116be250f7fd5fcc1ee2b8a9ad0 95be599649eee4c01636ca5fd88180049e0970b936e99cc9be8208f05f696e57 Loading...

	abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	ScriptElement	12 kB	2023-03-07	2025-05-11
Pretty URL abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:25 Times Seen24969 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	abuturkeypharma.com/	ScriptElement	84 B	2023-03-07	2025-05-10
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-05-10 21:22 Times Seen2727 Hash 7f215c9370788561e1b9e30dd40697ef aca5a8d9d6bae876f32a5b9fb7d1d948afe855b0 eed9d591cae9c609fb97d73f7fe3d192432da0246d97bbbad6d0de0a1bc0cc2d Loading...

	abuturkeypharma.com/	ScriptElement	333 B	2023-03-07	2025-05-11
Pretty URL abuturkeypharma.com/ IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 02:01 Times Seen7534 Hash 3688fd64c409264431201fa55a828e81 2b7eeefaa1edf3a7621f7576b35b01c895ef5367 944433761a880eab1d567dd5389499af76aa03582c82a8aa88838e3c6c2134c6 Loading...

	abuturkeypharma.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=5.0.15	ScriptElement	13 kB	2023-12-08	2023-12-09
Pretty URL abuturkeypharma.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=5.0.15 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2023-12-09 15:11 Times Seen3 Hash 9ba86be2cfea05234d567013104891ce 635cdcf7277236cc52326dd6e53e762470fa83d2 ef202d6d8d764233815aaba3002b8725e2a8d46a525b838dae9b40e2999b2a77 Loading...

	abuturkeypharma.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	18 kB	2023-12-08	2024-08-20
Pretty URL abuturkeypharma.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen18 Hash 3f8ebcb574c0b9ade6feef2266e613bb f0ddec352fc6fc59623cdd32e4fa2a702719bf53 64ef419f7acfdf5392b33e4a26c69b258bac01e60a43107b7ea04ebad8439f97 Loading...

	abuturkeypharma.com/wp-content/plugins/elementor/assets/js/image-carousel.4455c6362492d9067512.bundle.min.js	ScriptElement	432 B	2023-12-08	2025-05-10
Pretty URL abuturkeypharma.com/wp-content/plugins/elementor/assets/js/image-carousel.4455c6362492d9067512.bundle.min.js IP 192.185.167.112 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 16:46 Last Seen2025-05-10 00:01 Times Seen63 Hash 1fe666875357b4d8489a9dd268b238d7 2199e8514fc20a6a9a733826cc423b25a74ee007 a042b5179c633523e6e162fe17c148e2b6915f922ec8421ed3b16a9d0664907c Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/4/overlay.js	ScriptElement	3.4 kB	2023-12-06	2024-12-24
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/4/overlay.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 20:41 Last Seen2024-12-24 07:02 Times Seen813 Hash d1290de5da8a835304b6f7206d907119 53960cc38980f6c3c96308c205713bf2a8afab41 88e2d34a2ecd255e7c30d9436d1f8f7156973f2badc72161da7f3c1901ae5bec Loading...

HTTP Transactions (74)

URL IP Response Size

abuturkeypharma.com/tame/?31127871//////////////////////////////////////////////////////////////////////////////////////////////

192.185.167.112

302 Found

0 B

URL User Request GET HTTP/2
abuturkeypharma.com/tame/?31127871//////////////////////////////////////////////////////////////////////////////////////////////
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tame/?31127871////////////////////////////////////////////////////////////////////////////////////////////// HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: no-store
location: /
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 15:45:57 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/

192.185.167.112

200 OK

0 B

URL User Request GET HTTP/2
abuturkeypharma.com/
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 08 Dec 2023 15:46:00 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://abuturkeypharma.com/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

abuturkeypharma.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.21

192.185.167.112

200 OK

323 B

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.21
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text
Size
323 B (323 bytes)
Hash
a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.21 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 04 Dec 2023 14:13:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 323
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=4.5.1

192.185.167.112

200 OK

468 B

URL GET HTTP/2
abuturkeypharma.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=4.5.1
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (3412), with no line terminators
Size
468 B (468 bytes)
Hash
730e0907dfd019baf0c555a21f373670
6bef5d7aab1206ca5095e6f589c47c9912873ac7
b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=4.5.1 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 21 Nov 2023 14:06:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 468
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.5.1

192.185.167.112

200 OK

12 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.5.1
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (39343)
Size
12 kB (11792 bytes)
Hash
a0b3a11fd4ebcad236cff2bc51e9b434
32450d8097e971f4b59044e979289903beffc85d
4c0561c2c4810cbb09911bc45252c68724f181aa5bd16455493e31d2bfeba8b3

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.5.1 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 21 Nov 2023 14:06:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11792
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.25.0

192.185.167.112

200 OK

4.1 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.25.0
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (19525)
Size
4.1 kB (4073 bytes)
Hash
edcdb90e5161a1894daff5e6b1b35c3f
1c199cad3f215c2dcc739fcbc10bb14b53bebe13
d2f82e2e141c7a7f31f40ab9ed8c499bba09505bac8b806cf016d10550e2a6d7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.25.0 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4073
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6

192.185.167.112

200 OK

3.2 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (12876), with no line terminators
Size
3.2 kB (3188 bytes)
Hash
bcad7781b3e74db2565b8424c45232cd
41b0d94434ef667897c06e1184b703064ffceda1
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3188
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/elementor/css/post-783.css?ver=1684850616

192.185.167.112

200 OK

1.0 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/elementor/css/post-783.css?ver=1684850616
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (5232), with no line terminators
Size
1.0 kB (1013 bytes)
Hash
ca6709e83e2aebb2b49348227d84dc64
000c40bd32a2df22957227bdf91c10634278ff81
4863b195d744225f2b5439dd1b39216c57f3ec0550b32bcc8795e3183e91e528

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-783.css?ver=1684850616 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 23 May 2023 14:03:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1013
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/elementor/css/post-6.css?ver=1684855778

192.185.167.112

200 OK

5.7 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/elementor/css/post-6.css?ver=1684855778
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (29053), with no line terminators
Size
5.7 kB (5721 bytes)
Hash
f09d0a16626b8a0c0ed7307c87bb486a
56a32b0715bd415d3ab594e161be2265cdb37538
c09072bc635d77f0e0c3e7f654efda2a8ee256a1079e0a5bbfe6c39587715039

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6.css?ver=1684855778 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 23 May 2023 15:29:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5721
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/elementor/css/post-16.css?ver=1684850616

192.185.167.112

200 OK

358 B

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/elementor/css/post-16.css?ver=1684850616
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (1100), with no line terminators
Size
358 B (358 bytes)
Hash
5fe49f54a2fbc91f57d1ec20065ab7ea
bcc6ad244d27d9aae7399237cb253a22747c0d9f
27a700a72520cb4647651a94e725dcaa143da6b65510d08d3e19375478d1118e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-16.css?ver=1684850616 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 23 May 2023 14:03:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.21

192.185.167.112

200 OK

12 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.21
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
Unicode text, UTF-8 text, with very long lines (1646)
Size
12 kB (11654 bytes)
Hash
2395c81e72a52f14588816b4f72a7f17
711357e8d49c28be7605fcfbf881b90567decee1
ea14d1b1233e6cbc9b1a156ac532f076f7adafc309726fca7bf8833f882ac872

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.21 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 04 Dec 2023 14:13:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11654
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=5.0.15

192.185.167.112

200 OK

5.7 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=5.0.15
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (15452), with no line terminators
Size
5.7 kB (5676 bytes)
Hash
c518c0a77952957e2a675a7babc23eff
2236d8fabe662863429437a2d1590ca5a9892c7d
113f348e9dfee4f7157e325d4033eb6a8d33064d20abb07baba481fc4c93cb40

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=5.0.15 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 17 Nov 2023 01:58:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5676
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

192.185.167.112

200 OK

309 B

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (483)
Size
309 B (309 bytes)
Hash
9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css

192.185.167.112

200 OK

1.4 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (10061)
Size
1.4 kB (1370 bytes)
Hash
e47119f647f0e62e8d7c378b27bc470a
40890125c581a5606562c2e283ec221291249faa
ba72ffaccbc4b02ca4ee4783a4bd695c735b7afe5a8eedfba9b3457d97fdcbea

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1370
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=78442573

192.185.167.112

200 OK

5.3 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=78442573
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (22083), with no line terminators
Size
5.3 kB (5326 bytes)
Hash
b161cba667340b4e93ff2bb25fcc3a81
d778a0eb1febc9322b9d989fea05039c67c21193
92b3f4acfaebc2783b3278da66519618a5dfc33d413ebcfe846a270e73eb1c1c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=78442573 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Nov 2023 14:14:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5326
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

192.185.167.112

200 OK

1.5 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (9881)
Size
1.5 kB (1467 bytes)
Hash
799ee47ef74fa81846440a3858f7b909
6d841ab7d74181dcc4bbf7a03473d3fdbea5cca3
0c6c5fc6e20c8b7ba36c84856cf65375a53e30fdd034c89f6aa502af98c8dff3

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1467
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=5.0.15

192.185.167.112

200 OK

5.9 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=5.0.15
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (13030), with no line terminators
Size
5.9 kB (5926 bytes)
Hash
9ba86be2cfea05234d567013104891ce
635cdcf7277236cc52326dd6e53e762470fa83d2
ef202d6d8d764233815aaba3002b8725e2a8d46a525b838dae9b40e2999b2a77

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=5.0.15 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 17 Nov 2023 01:58:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5926
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=78442573

192.185.167.112

200 OK

6.7 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=78442573
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (18335), with no line terminators
Size
6.7 kB (6730 bytes)
Hash
17b429aeb9c63a32649a70b6f390c053
898287ae4e5b1b145c2435f57b22021245fb5a02
968029b153fad600cdbe37227a79ab75c4a6dc95fa3a85551b7b365900a6094d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=78442573 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Nov 2023 14:14:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6730
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

192.185.167.112

200 OK

7.9 kB

URL GET HTTP/2
abuturkeypharma.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (13479)
Size
7.9 kB (7852 bytes)
Hash
3f8ebcb574c0b9ade6feef2266e613bb
f0ddec352fc6fc59623cdd32e4fa2a702719bf53
64ef419f7acfdf5392b33e4a26c69b258bac01e60a43107b7ea04ebad8439f97

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Nov 2023 01:59:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7852
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=78442573

192.185.167.112

200 OK

3.0 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=78442573
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (6363), with no line terminators
Size
3.0 kB (3009 bytes)
Hash
74e1b838818c8f4a6d925fc7d628584e
7d5d41dda54d099ff0e51dcd28b256c937f64c37
eddf169134f4a4cb40f12639722c0f90c61498c589bb569c8f09fbd5e117f572

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=78442573 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Nov 2023 14:14:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3009
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.2

192.185.167.112

200 OK

2.3 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (4957)
Size
2.3 kB (2341 bytes)
Hash
8de8645ec488db0544badcc9bc36549e
ea34eb92f43d2116be250f7fd5fcc1ee2b8a9ad0
95be599649eee4c01636ca5fd88180049e0970b936e99cc9be8208f05f696e57

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2341
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-11.png

192.185.167.112

200 OK

1.3 MB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-11.png
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
PNG image data, 1200 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 MB (1308509 bytes)
Hash
e9c0a7417386160e1b026adadc31f954
b0274412c1d64570da9b40362219d035ba7d31b5
cef9495443686290d7678364ec774fd9b692154fcd28ca44bf91a35b42a1f784

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-11.png HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 11:05:03 GMT
accept-ranges: bytes
content-length: 1308509
content-type: image/png
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

192.185.167.112

200 OK

11 kB

URL GET HTTP/2
abuturkeypharma.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
Unicode text, UTF-8 text, with very long lines (13098)
Size
11 kB (10780 bytes)
Hash
871d86b5f0da6cf59062cad5e852d176
d737d17944fd7983cba706b648d8670780b91de3
f6f68d337e15317be614e8f282b7255312729ebde9e66ea3ad7d947a526658cf

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Nov 2023 01:59:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10780
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/cropped-cropped-Untitled-300-%C3%97-300-px-1-1-120x122.png

192.185.167.112

200 OK

12 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/cropped-cropped-Untitled-300-%C3%97-300-px-1-1-120x122.png
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
PNG image data, 120 x 122, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12358 bytes)
Hash
ae60589be8578216be78c20dfe51ad67
f0c2333bfabf48fad759171a35b90863eb1bff8d
82f9e01c4c900c20842ef5bb985a11e2202779ca71085869ee07c1b9478cbf78

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/cropped-cropped-Untitled-300-%C3%97-300-px-1-1-120x122.png HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 10:51:57 GMT
accept-ranges: bytes
content-length: 12358
content-type: image/png
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

192.185.167.112

200 OK

13 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (57726)
Size
13 kB (12577 bytes)
Hash
eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12577
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.5.1

192.185.167.112

200 OK

9.5 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.5.1
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (26090), with no line terminators
Size
9.5 kB (9514 bytes)
Hash
f3daea7f000ab24af0ce45e77e0ab79c
953006ce48bb1c54233913f3466fc325a23224b4
85d44cf7d99f325a51c1c5b710529da59f402b4258ea6fe197b1c813c77e89ec

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.5.1 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 21 Nov 2023 14:06:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9514
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.18.2

192.185.167.112

200 OK

3.0 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.18.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (10019)
Size
3.0 kB (2997 bytes)
Hash
4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.18.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2997
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

192.185.167.112

200 OK

3.7 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.7 kB (3747 bytes)
Hash
3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-includes/js/wp-util.min.js?ver=6.4.2

192.185.167.112

200 OK

3.1 kB

URL GET HTTP/2
abuturkeypharma.com/wp-includes/js/wp-util.min.js?ver=6.4.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (6300)
Size
3.1 kB (3098 bytes)
Hash
12d1bae48159ed2f39952b6aa5e18fe4
400ab29dcd9aabb87e1441d7fc51314090919a96
62e913bd5c9c9b4326f67a4130ac8fc360528958eb1b13658d893bcebba37396

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-util.min.js?ver=6.4.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Nov 2023 01:59:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3098
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.2

192.185.167.112

200 OK

16 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (40396)
Size
16 kB (16254 bytes)
Hash
c73550ddd7a3fcd926fa431999aad30b
a04cbc330ea7e15ae945c1d4a4a1350cc4d3247e
8418c0a3ed1f01df585330f8ee2c7dd76b81d1b9518d798f3afec991e33e1a6a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16254
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=78442573

192.185.167.112

200 OK

4.6 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=78442573
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (10530), with no line terminators
Size
4.6 kB (4556 bytes)
Hash
ffac30e1398f595a4b56e385b30d0010
5de658d7a60a05753b582d102e99e05a8c60b703
f53e396227267ea64b75139a6e975342d461081a4a7e600438a80ecfaa8fa404

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=78442573 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Nov 2023 14:14:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4556
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.5.2

192.185.167.112

200 OK

2.7 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.5.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (5680), with no line terminators
Size
2.7 kB (2703 bytes)
Hash
2f9c68726f290df83540dfaac7079ce8
16ce61272eeb95f28d844a840211347ebf625f2f
c3b8500f041817ec257cbace246622ca66a490c80e7cf9a2f18a4b08d401fcd0

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.5.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 28 Nov 2023 13:56:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2703
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-includes/js/underscore.min.js?ver=1.13.4

192.185.167.112

200 OK

11 kB

URL GET HTTP/2
abuturkeypharma.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (23707)
Size
11 kB (10727 bytes)
Hash
e528240910a26f81ad7d541b271fe387
77bcc5d52918749584816c251b2a9dd068425832
760e47be195fb0074d017456508b7a228e92852ecb224dd1170fd1a21a9844b5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Nov 2023 01:59:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10727
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-10.png

192.185.167.112

200 OK

847 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-10.png
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
PNG image data, 1200 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
847 kB (847390 bytes)
Hash
0446e9837c626ac94680428185fd9350
32378ab2b889f5edf964d09539fd425adcab4ba9
5b7a4f5c7d3f78ecf64f54b2da5ce5dcac2d11f43ff05d7aa7f4f1b3ae755fba

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-10.png HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 11:04:37 GMT
accept-ranges: bytes
content-length: 847390
content-type: image/png
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-9.png

192.185.167.112

200 OK

1.4 MB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-9.png
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
PNG image data, 1200 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 MB (1353026 bytes)
Hash
6f1ea3b3a5cc672509117ae92bb38a6b
8a003340394b54cc7f28a702e654793b141edd14
8237ea3a16bb7517d3e79960235d08b8ceeeb75a3cf118c26b38bb853cca4a8c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-9.png HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 11:04:21 GMT
accept-ranges: bytes
content-length: 1353026
content-type: image/png
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-8.png

192.185.167.112

200 OK

1.5 MB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-8.png
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
PNG image data, 1200 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 MB (1494089 bytes)
Hash
b402308abfaa961d1005f438cf18ea69
83d5c9bc00b5c627a936cab9a404995bdf3fca08
a289911fa68b84c2a04a1d12261d17d3fa4736ce62b8f24c0fafef4964c4b9ee

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/Beauty-tips-for-skin-2022-8.png HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 11:04:05 GMT
accept-ranges: bytes
content-length: 1494089
content-type: image/png
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/imgbin-pharmaceutical-drug-dietary-supplement-medicine-tablet-prescription-drug-colorful-pills-pills-rKQniwNePRGtvB9mRLPKYz6nH.jpg

192.185.167.112

200 OK

50 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/imgbin-pharmaceutical-drug-dietary-supplement-medicine-tablet-prescription-drug-colorful-pills-pills-rKQniwNePRGtvB9mRLPKYz6nH.jpg
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 728x481, components 3\012- data
Size
50 kB (49711 bytes)
Hash
59c9f0d5a12d256bbaef76e259dc9e37
a13c4a76458c205a11556743de7e20cbee2ce3f4
3b91e7d45497b4f43b322426c1b3bbfed86dddacf716043f75c378fb22aeddbe

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/imgbin-pharmaceutical-drug-dietary-supplement-medicine-tablet-prescription-drug-colorful-pills-pills-rKQniwNePRGtvB9mRLPKYz6nH.jpg HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/wp-content/uploads/elementor/css/post-6.css?ver=1684855778
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 24 Oct 2022 08:03:04 GMT
accept-ranges: bytes
content-length: 49711
content-type: image/jpeg
date: Fri, 08 Dec 2023 15:46:01 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

192.185.167.112

200 OK

78 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:26 GMT
accept-ranges: bytes
content-length: 78196
content-type: font/woff2
date: Fri, 08 Dec 2023 15:46:01 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0\012- data
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abuturkeypharma.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:45:41 GMT
expires: Fri, 06 Dec 2024 15:45:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 86420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27120, version 1.0\012- data
Size
27 kB (27120 bytes)
Hash
43e7d3f1dec74478587a2b3cfa272631
c065f24ac428353854ebd6715c49966fc4f4c762
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

HTTP Headers

GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abuturkeypharma.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:02 GMT
expires: Fri, 06 Dec 2024 15:44:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/woff2
age: 86519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.google.com/maps?q=Abu%20Turkey%20Pharmacy%2C%20South%20Maabilah%2C%203791T%2C%20block%20no.%20383%2C%20way%20no.%208343%2C%20PB%20No.%20348%20Near-%20Al%20Safa%20HyperMarket%2C%20South%20Maabilah%20Muscat%20OM%2C%20112&t=m&z=10&output=embed&iwloc=near

216.58.211.14

301 Moved Permanently

0 B

URL GET HTTP/2
maps.google.com/maps?q=Abu%20Turkey%20Pharmacy%2C%20South%20Maabilah%2C%203791T%2C%20block%20no.%20383%2C%20way%20no.%208343%2C%20PB%20No.%20348%20Near-%20Al%20Safa%20HyperMarket%2C%20South%20Maabilah%20Muscat%20OM%2C%20112&t=m&z=10&output=embed&iwloc=near
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /maps?q=Abu%20Turkey%20Pharmacy%2C%20South%20Maabilah%2C%203791T%2C%20block%20no.%20383%2C%20way%20no.%208343%2C%20PB%20No.%20348%20Near-%20Al%20Safa%20HyperMarket%2C%20South%20Maabilah%20Muscat%20OM%2C%20112&t=m&z=10&output=embed&iwloc=near HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
vary: Origin, X-Origin, Referer
date: Fri, 08 Dec 2023 15:46:01 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28224, version 1.0\012- data
Size
28 kB (28224 bytes)
Hash
6e95e894bf3dab542264c4bfbe7e677a
c5ef8b858caf7920d451d43f37ea65de3736716c
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b

HTTP Headers

GET /s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abuturkeypharma.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:59:39 GMT
expires: Fri, 06 Dec 2024 15:59:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
content-type: font/woff2
age: 85582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

216.58.207.227

200 OK

38 kB

URL GET HTTP/2
fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37964, version 1.0\012- data
Size
38 kB (37964 bytes)
Hash
53dc5ba78048ba77adbeb59626cfc316
93f6b849fb3ae9609d3008dfa1071c5a6e39f817
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf

HTTP Headers

GET /s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abuturkeypharma.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:01:43 GMT
expires: Fri, 06 Dec 2024 16:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:43:40 GMT
content-type: font/woff2
age: 85458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.25.0

192.185.167.112

200 OK

95 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.25.0
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 95300, version 1.0\012- data
Size
95 kB (95300 bytes)
Hash
5ef99f5d96639a5ebb2cbcb689a5162d
b2c4e8d8337d7611fb3fb338106c3edf3bbc4d80
1cd0caedfedd32a85aa3e36bfc219135f69efad9f717292b5de5cd5747429a6b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.25.0 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.25.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
content-length: 95300
content-type: font/woff2
date: Fri, 08 Dec 2023 15:46:01 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/s4-1-1024x680-1.jpg

192.185.167.112

200 OK

139 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/s4-1-1024x680-1.jpg
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1024x680, components 3\012- data
Size
139 kB (139372 bytes)
Hash
ce57a6c9b1a57395845a6b2926fb23c3
32fb16a139c815d7b7da30450ab95d76b0b18757
a4c31a366d5b977e8aaef6dcd23073d7c7b71fbc04c96f61a27d24f1b1d88141

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/s4-1-1024x680-1.jpg HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 24 Oct 2022 09:45:52 GMT
accept-ranges: bytes
content-length: 139372
content-type: image/jpeg
date: Fri, 08 Dec 2023 15:46:01 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.2

192.185.167.112

200 OK

23 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
gzip compressed data, from Unix\012- data
Size
23 kB (23193 bytes)
Hash
583a57137e6cef05735f5049e91129e9
589ebd87f774de90c451a71d08cebf91bf4543ff
2e7b5915ab639eb0a9023a96d404ff6b198ff113e900f2966e599900cf8f2d36

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=78442573

192.185.167.112

200 OK

40 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=78442573
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
gzip compressed data, from Unix\012- data
Size
40 kB (40065 bytes)
Hash
d8ed2293192d36c74f4a9e515cc56d68
23cb8e8076a54364e98010642057b3b60120b116
77ce485ccbb194a2373e5881eb416cb122c584be0a4411c2cf95952167eb980d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=78442573 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Nov 2023 14:14:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/cropped-cropped-cropped-Untitled-300-%C3%97-300-px-1-1-192x192.png

192.185.167.112

200 OK

26 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/cropped-cropped-cropped-Untitled-300-%C3%97-300-px-1-1-192x192.png
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25613 bytes)
Hash
9c6d98ab3f4dbd8b0550b367d67e401f
c4e94a34582292c08ec48319b69749039c22c957
e22bfbc372391fe4fbfa6dc9b37d2730be11165a3754c4c0ff2eaa751ba890d4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/cropped-cropped-cropped-Untitled-300-%C3%97-300-px-1-1-192x192.png HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 12:46:34 GMT
accept-ranges: bytes
content-length: 25613
content-type: image/png
date: Fri, 08 Dec 2023 15:46:02 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/2022/10/cropped-cropped-cropped-Untitled-300-%C3%97-300-px-1-1-32x32.png

192.185.167.112

200 OK

1.9 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/2022/10/cropped-cropped-cropped-Untitled-300-%C3%97-300-px-1-1-32x32.png
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1913 bytes)
Hash
5529e5c2e0656b7d33832f81fc1a90ef
268693157a9fece87cc7ab3aa2714d7e5a478ae6
dcbabdba6b3f8d30fb33cc1c23bbb3536c7d788ec87f63067d4c08055388e898

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/cropped-cropped-cropped-Untitled-300-%C3%97-300-px-1-1-32x32.png HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 12:46:34 GMT
accept-ranges: bytes
content-length: 1913
content-type: image/png
date: Fri, 08 Dec 2023 15:46:02 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

192.185.167.112

200 OK

672 B

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (1320)
Size
672 B (672 bytes)
Hash
2cc78a68e39466c42bd6517ff0a6fcc8
2c7c86cc682f740a22633ea2be35be9f14e7d884
221bab2e5cfaeca91dab53c40d1ddd63a2c5e6c03113be05170ae5af57acf48a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 672
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:02 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/js/image-carousel.4455c6362492d9067512.bundle.min.js

192.185.167.112

200 OK

298 B

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/js/image-carousel.4455c6362492d9067512.bundle.min.js
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (392)
Size
298 B (298 bytes)
Hash
1fe666875357b4d8489a9dd268b238d7
2199e8514fc20a6a9a733826cc423b25a74ee007
a042b5179c633523e6e162fe17c148e2b6915f922ec8421ed3b16a9d0664907c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/image-carousel.4455c6362492d9067512.bundle.min.js HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 298
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:02 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/slider/cache/d67f58404e778621428ecc1954e5babe/service-1.jpg

192.185.167.112

200 OK

49 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/slider/cache/d67f58404e778621428ecc1954e5babe/service-1.jpg
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 690x460, components 3\012- data
Size
49 kB (49393 bytes)
Hash
442a681f5e5be4c17e05f3a17fef9ff5
015e1407cf68b5450e9b0b691866caf3410053eb
ae276293918e80e6f3435527e20c10af879f65063ef100f26c6091e054c5bb19

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/slider/cache/d67f58404e778621428ecc1954e5babe/service-1.jpg HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 09:31:44 GMT
accept-ranges: bytes
content-length: 49393
content-type: image/jpeg
date: Fri, 08 Dec 2023 15:46:02 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/uploads/slider/cache/97fca39e9e58754cbc3ced4ab58afbd6/s2-1.jpg

192.185.167.112

200 OK

83 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/uploads/slider/cache/97fca39e9e58754cbc3ced4ab58afbd6/s2-1.jpg
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 1000x667, components 3\012- data
Size
83 kB (82858 bytes)
Hash
ccd9020ed6294397e1b3a6071c4a1266
1c5a0196c5bab95ee936f61bdd24c2330e2b8acc
c8a871d7f8fa586f2235629d2e5889b92cb5a902923a5d7a772d797b5e41941a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/slider/cache/97fca39e9e58754cbc3ced4ab58afbd6/s2-1.jpg HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 09:45:40 GMT
accept-ranges: bytes
content-length: 82858
content-type: image/jpeg
date: Fri, 08 Dec 2023 15:46:02 GMT
server: Apache
X-Firefox-Spdy: h2

www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10

142.250.74.132

200 OK

1.1 kB

URL GET HTTP/2
www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1726)
Size
1.1 kB (1114 bytes)
Hash
2257a1b9d386087217f5ceadd1dd472c
2a51ad44cedb83d9d0c6e91740177f66d2a6a6c2
ba2c0a2bdf84cd92c3e391f0e2b543db222aee7e6767179744194cf8d55ac0ad

HTTP Headers

GET /maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://abuturkeypharma.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-cache, must-revalidate
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JoaDn_khJeJQCrsL5Y71pQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
vary: Accept-Language, Origin, X-Origin, Referer
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 08 Dec 2023 15:46:02 GMT
server: scaffolding on HTTPServer2
content-length: 1114
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

142.250.74.170

200 OK

63 kB

URL GET HTTP/2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2490)
Size
63 kB (63101 bytes)
Hash
7bef19ff0e40d9889134a9fa91041850
82605c6dab350591d8b7883ec6951de72c7f52ef
f69856a53b83377714617e4c595dfc43855f01c19198b0504b456cf3f5d3602d

HTTP Headers

GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 08 Dec 2023 15:46:03 GMT
server: scaffolding on HTTPServer2
content-length: 63101
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.170

200 OK

23 B

URL GET HTTP/3
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 08 Dec 2023 15:46:03 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.gstatic.com/maps-api-v3/embed/js/55/4/init_embed.js

142.250.74.35

200 OK

61 kB

URL GET HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/55/4/init_embed.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (3246)
Size
61 kB (61041 bytes)
Hash
e5f346e72fb065c353010d0d8076499e
53bbae9cada660daf922ca2010fcf65bb3a3bf76
91c517b650261a41b75a3dff1ba8d77ab069db61b32df2cd470bc3bfad5409ce

HTTP Headers

GET /maps-api-v3/embed/js/55/4/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61041
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:43:57 GMT
expires: Fri, 06 Dec 2024 15:43:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:19 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 86526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

142.250.74.170

200 OK

58 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/4/common.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (6638)
Size
58 kB (57512 bytes)
Hash
2f1f93a50ec0f20d9429cd4486075cd9
7e899396ac3541ac2ce40993a60cb3ef15ea4e6f
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b

HTTP Headers

GET /maps-api-v3/api/js/55/4/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57512
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:55:08 GMT
expires: Fri, 06 Dec 2024 15:55:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 85855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/4/util.js

142.250.74.170

200 OK

55 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/4/util.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (562)
Size
55 kB (55175 bytes)
Hash
3aecc4da8982cd3ee2c71448592b54bd
2af800db00e7fe620d1a3828420c8d866ebd579c
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb

HTTP Headers

GET /maps-api-v3/api/js/55/4/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 55175
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:02 GMT
expires: Fri, 06 Dec 2024 15:46:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 86401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/4/map.js

142.250.74.170

200 OK

24 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/4/map.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2312)
Size
24 kB (23771 bytes)
Hash
86808d6e775e7ab077eadd3952b9769a
1c7d8a35e618e143952d5bfe8900788b1b95fe34
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c

HTTP Headers

GET /maps-api-v3/api/js/55/4/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 23771
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:43:25 GMT
expires: Fri, 06 Dec 2024 15:43:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 86558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/4/overlay.js

142.250.74.170

200 OK

1.3 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/4/overlay.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1152)
Size
1.3 kB (1273 bytes)
Hash
d1290de5da8a835304b6f7206d907119
53960cc38980f6c3c96308c205713bf2a8afab41
88e2d34a2ecd255e7c30d9436d1f8f7156973f2badc72161da7f3c1901ae5bec

HTTP Headers

GET /maps-api-v3/api/js/55/4/overlay.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1273
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 19:31:39 GMT
expires: Thu, 05 Dec 2024 19:31:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 159264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/4/onion.js

142.250.74.170

200 OK

8.9 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/4/onion.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2559)
Size
8.9 kB (8900 bytes)
Hash
86a8ef66f5412b1da4106dfffbc074bd
fa74c571ebb7bb185cc60075edfccc3f8c13e74c
f192fc1904ff65df2e882e7cb7afa1432a424adeecefeb081c53c4fde85be8fe

HTTP Headers

GET /maps-api-v3/api/js/55/4/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 8900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:48:42 GMT
expires: Fri, 06 Dec 2024 15:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 86241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/4/search_impl.js

142.250.74.170

200 OK

1.3 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/4/search_impl.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1470)
Size
1.3 kB (1253 bytes)
Hash
2518ef679c2d0c0c0758a3f97795e60d
260f8b57aa076ecd6092d7d80f5fd9bfe838d20d
c15a24cfd927f84920b607b2764a5f7fde792140f08c64ea3808eec291b6d038

HTTP Headers

GET /maps-api-v3/api/js/55/4/search_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1253
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:00 GMT
expires: Fri, 06 Dec 2024 15:46:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 86403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

192.185.167.112

200 OK

63 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
gzip compressed data, from Unix\012- data
Size
63 kB (62615 bytes)
Hash
def9f9cc926d32e6dbf284886d2ae8ba
532ec6ba1fa50598d92d3924078075823aed4af4
08a04483c5840021be2254fee1da9a5d01d743ba0a2774b2a4beac3a39c7a068

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:02 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/

192.185.167.112

200 OK

69 kB

URL User Request GET HTTP/2
abuturkeypharma.com/
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
gzip compressed data, from Unix\012- data
Size
69 kB (69349 bytes)
Hash
de18d59429f8f4ff208009fa1692b6c9
d047137e1ff4b8465ab42977a02904cddc3a2b11
78d5ff921433da4795902f5577f9db3db5095fd7fb71ec84b3d5d1df0e136bc5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
link: <https://abuturkeypharma.com/wp-json/>; rel="https://api.w.org/", <https://abuturkeypharma.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://abuturkeypharma.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 15:46:01 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abuturkeypharma.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:25 GMT
expires: Fri, 06 Dec 2024 15:46:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 86380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

192.185.167.112

200 OK

92 kB

URL GET HTTP/2
abuturkeypharma.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (65447)
Size
92 kB (92462 bytes)
Hash
72555469f8accef0988730ccb7b0fc2c
eb47441365e7ef5fa0685b13165bcaff8fa75550
90c6c22c5a05454f581ae4178cb4538f66224a4a407f4cba608b9f53844ccce3

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 08 Nov 2023 01:59:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.18.2

192.185.167.112

200 OK

117 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.18.2
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (65496)
Size
117 kB (117332 bytes)
Hash
5c328172a76686b7e0cd99056bb9550e
696eb606ac28c8a93afb698216ed5c786408ca9a
e366875e2df0ce65a6527dfe9f39e8fe0ffe94120ddefedaeec1e501b99ff7f5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.18.2 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 08 Dec 2023 13:56:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i173201&2i113208&2e1&3u10&4m2&1u378&2u262&5m5&1e0&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=52745

142.250.74.170

200 OK

15 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i173201&2i113208&2e1&3u10&4m2&1u378&2u262&5m5&1e0&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=52745
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sAbu+Turkey+Pharmacy,+South+Maabilah,+3791T,+block+no.+383,+way+no.+8343,+PB+No.+348+Near-+Al+Safa+HyperMarket,+South+Maabilah+Muscat+OM,+112!5e0!6i10
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 378 x 262, 8-bit colormap, non-interlaced\012- data
Size
15 kB (15445 bytes)
Hash
8694143bab625e03e494090176cb3373
ccc13adccf88a332c304ae82a7e9391fe2c3edbc
acf8fb5424bd5ec02d21f594156be30a8addc0ad5c1da58070b6f3e3c745129c

HTTP Headers

GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i173201&2i113208&2e1&3u10&4m2&1u378&2u262&5m5&1e0&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=52745 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
server: scaffolding on HTTPServer2
content-length: 15445
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Fri, 08 Dec 2023 06:38:15 GMT
expires: Sat, 09 Dec 2023 06:38:15 GMT
cache-control: public, max-age=86400
content-type: image/png
age: 32868
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?display=swap&family=Libre+Baskerville%3A300%2C400%7CLibre+Franklin%3A300%2C400

216.58.211.10

200 OK

3.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?display=swap&family=Libre+Baskerville%3A300%2C400%7CLibre+Franklin%3A300%2C400
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (3402), with no line terminators
Size
3.3 kB (3330 bytes)
Hash
6aad9b4f908c351ccc17284f56708cc3
fbeebb3e537d6f051cabcefa1175b8bd28b67be7
a1efe17cabdd1377357f85b771fa123a09d80a0dee41a58dc262352d118a5453

HTTP Headers

GET /css?display=swap&family=Libre+Baskerville%3A300%2C400%7CLibre+Franklin%3A300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 15:46:01 GMT
date: Fri, 08 Dec 2023 15:46:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%7CPlayfair+Display%3A700%2C600&display=fallback&ver=4.5.1

216.58.211.10

200 OK

5.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%7CPlayfair+Display%3A700%2C600&display=fallback&ver=4.5.1
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (5811), with no line terminators
Size
5.7 kB (5676 bytes)
Hash
abcf2ebd9c5898ec6a729b7d2136f59e
4bd4a46558fc774647ab4452ef9763865b4e1d70
ebf1f2202b45c52cd1234b536fdb19e8ffb77bfc313b351eb8ac2bdc20738f56

HTTP Headers

GET /css?family=Source+Sans+Pro%3A400%7CPlayfair+Display%3A700%2C600&display=fallback&ver=4.5.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 15:46:01 GMT
date: Fri, 08 Dec 2023 15:46:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CInter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.2

216.58.211.10

200 OK

65 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CInter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.2
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
65 kB (65336 bytes)
Hash
e168fee54d9c3d5ba43e9df12998b05a
70850caf54d69925cf3ebe8856a19fa45a6d961c
25f40ed31a6dbe3241e184f41625610ae30fc3f32b9da339b40afa3c7a09d2b5

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CInter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 15:46:01 GMT
date: Fri, 08 Dec 2023 15:46:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://abuturkeypharma.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abuturkeypharma.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:57:34 GMT
expires: Fri, 06 Dec 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 125311
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=78442573

192.185.167.112

200 OK

46 kB

URL GET HTTP/2
abuturkeypharma.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=78442573
IP
192.185.167.112:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://abuturkeypharma.com/
Certificate
IssuerLet's Encrypt
Subject*.abuturkeypharma.com
Fingerprint78:D1:4F:74:6A:4C:C0:A5:43:BD:35:FD:6E:4A:66:B5:0F:A2:9F:54
ValidityTue, 24 Oct 2023 09:36:33 GMT - Mon, 22 Jan 2024 09:36:32 GMT

File type
ASCII text, with very long lines (46312), with no line terminators
Size
46 kB (46312 bytes)
Hash
54811933eba8c7474ba99e3150a7e4ec
3bee9704eccebf08af83bb18c4bd72977ce8bdde
67f048b539255315691d0afcf5d37c10455b4a476342b9d0eab968338a933347

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=78442573 HTTP/1.1
Host: abuturkeypharma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abuturkeypharma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 15 Nov 2023 14:14:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 08 Dec 2023 15:46:00 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by