Report - breached.vc/T

Report Overview

Submitted URL
breached.vc/T
IP
185.129.102.37
ASN
#57724 Ddos-guard Ltd
Submitted
2022-12-22 22:37:33
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	341 B	737 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	35.162.125.72
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	52 kB	34.120.237.76
breached.vc	unknown	2022-11-17T11:07:11Z	2023-03-09T02:12:55Z	15 kB	325 kB	185.129.102.37
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-22	medium	breached.vc/T	Malware
2022-12-22	medium	breached.vc/jscripts/jquery.plugins.min.js?ver=1821	Malware
2022-12-22	medium	breached.vc/jscripts/general.js?ver=1827	Malware
2022-12-22	medium	breached.vc/cache/themes/theme5/global.min.css?t=1666942606	Malware
2022-12-22	medium	breached.vc/jscripts/jquery.js?ver=1823	Malware
2022-12-22	medium	breached.vc/cache/themes/theme5/roboto.min.css?t=1666942606	Malware
2022-12-22	medium	breached.vc/cache/themes/theme5/custom.min.css?t=1666942606	Malware
2022-12-22	medium	breached.vc/cache/themes/theme5/ficons.min.css?t=1667621381	Malware
2022-12-22	medium	breached.vc/cache/themes/theme5/alerts.min.css?t=1666942606	Malware
2022-12-22	medium	breached.vc/cache/themes/theme5/fork-awesome.min.css?t=1666942606	Malware
2022-12-22	medium	breached.vc/cache/themes/theme5/mobile.min.css?t=1666942606	Malware
2022-12-22	medium	breached.vc/cache/themes/theme1/onlinetoday.min.css?t=1648433133	Malware
2022-12-22	medium	breached.vc/jscripts/ougc_awards.js	Malware
2022-12-22	medium	breached.vc/jscripts/ougc_spoiler.js	Malware
2022-12-22	medium	breached.vc/jscripts/scrolltop.js	Malware
2022-12-22	medium	breached.vc/resources/javascript/bf_theme.js	Malware
2022-12-22	medium	breached.vc/resources/javascript/raid.js?v=1.6	Malware
2022-12-22	medium	breached.vc/resources/roboto/Roboto-Regular.woff2	Malware
2022-12-22	medium	breached.vc/resources/webfonts/fa-solid-900.woff2	Malware
2022-12-22	medium	breached.vc/resources/roboto/Roboto-Bold.woff2	Malware
2022-12-22	medium	breached.vc/resources/webfonts/fa-brands-400.woff2	Malware
2022-12-22	medium	breached.vc/T	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	breached.vc/jscripts/general.js?ver=1827	16 kB	2023-03-07	2024-04-07
Pretty URL breached.vc/jscripts/general.js?ver=1827 IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:26 Last Seen2024-04-07 20:06:51 Times Seen221 Hash 373ad0e5af45e8cd17b064aaa7c2d465 9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e 491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898 Loading...

	breached.vc/resources/javascript/raid.js?v=1.6	8.0 kB	2023-03-08	2023-03-26
Pretty URL breached.vc/resources/javascript/raid.js?v=1.6 IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:04:44 Last Seen2023-03-26 00:04:32 Times Seen5 Hash ecf93784026c7a01d678a7f318c3897f 5ac9bd8a1c9a102b2182e2f8a4415dca995cf139 bc084a7f6db28ba24948e928ee26c43bceaf30893ed85f38d887803c62d1f8d5 Loading...

	breached.vc/T	119 B	2023-03-08	2024-02-06
Pretty URL breached.vc/T IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:04:44 Last Seen2024-02-06 09:09:40 Times Seen10 Hash c03c2a9cde3f701c707bcf6006bf72aa 2a98c55b7a3bc6880078341c8d4d97f2c5b19ce1 70ec23657d8596f70002a5a9a84d28b54335d0a9f93f6cc84f1cf075aa9e4689 Loading...

	breached.vc/resources/javascript/bf_theme.js	4.5 kB	2023-03-08	2023-03-26
Pretty URL breached.vc/resources/javascript/bf_theme.js IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:04:44 Last Seen2023-03-26 00:04:32 Times Seen5 Hash aa530e66d46bcd3ea6a8cd7aad4dfc02 e1e1961363fa7ba0dca5bfdc9ba21a69f9275356 c8e58ef852dfb31e4ef2ed77008b3aa64ee6c6ec9fb1258a9733482ab9ed1b60 Loading...

	breached.vc/jscripts/scrolltop.js	1.6 kB	2023-03-08	2023-03-26
Pretty URL breached.vc/jscripts/scrolltop.js IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:04:44 Last Seen2023-03-26 00:04:32 Times Seen5 Hash ecfa2d14c25ba2cba9a4d262c10427ce 89953bb7ac1cb669bde7deb7acccbdf72c36bda8 aa7736ad80806c477983a7d250898615d0a37a624e82593184cc4f234ab7b580 Loading...

	breached.vc/jscripts/jquery.plugins.min.js?ver=1821	15 kB	2023-03-07	2024-04-07
Pretty URL breached.vc/jscripts/jquery.plugins.min.js?ver=1821 IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:26 Last Seen2024-04-07 20:06:51 Times Seen323 Hash cf1f71e20e14765d6d5ea640aa4f7fc7 d1f3a0e46dd50d3a4d1839cb821ad42802619def a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149 Loading...

	breached.vc/jscripts/jquery.js?ver=1823	90 kB	2023-03-07	2024-04-26
Pretty URL breached.vc/jscripts/jquery.js?ver=1823 IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2024-04-26 04:27:46 Times Seen4768 Hash 12b69d0ae6c6f0c42942ae6da2896e84 d2cc8d43ce1c854b1172e42b1209502ad563db83 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f Loading...

	breached.vc/jscripts/ougc_awards.js	2.1 kB	2023-03-08	2024-04-07
Pretty URL breached.vc/jscripts/ougc_awards.js IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:04:44 Last Seen2024-04-07 20:06:50 Times Seen20 Hash b8ce948186090d33ad86ff6b113fee58 ca5a4deee1de599650a1ac4b219df3aab474c628 574f588cb25fe103a12863140f9be167021724713fad3e3db660f8d665bdbb23 Loading...

	breached.vc/T	2.3 kB	2023-03-10	2023-03-10
Pretty URL breached.vc/T IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:31:41 Last Seen2023-03-10 04:31:41 Times Seen1 Hash 23ae0b9666c9b01cc1bf7a6eb281bd19 ce5d783bab1ad4ec67b89bd25a52402f683fe655 a8d33d0fdd8fc403e09f53ecd105a61b3184f744dad10032b1ea80cb05aef207 Loading...

	breached.vc/jscripts/ougc_spoiler.js	1.5 kB	2023-03-08	2024-02-06
Pretty URL breached.vc/jscripts/ougc_spoiler.js IP 185.129.102.37 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:04:44 Last Seen2024-02-06 09:09:41 Times Seen14 Hash ce30681c4dda440a693f87457aa73b0a c6b17d3eb9fb2f88aa2ca192bc8cd70a2a8b4702 7ecaa84793b5befa2c2dff743305c33249eb43d7d76af2dac6bd33bb8d14faf6 Loading...

HTTP Transactions (49)

URL IP Response Size

breached.vc/T

185.129.102.37

301 Moved Permanently

568 B

URL HTTP/1.1
breached.vc/T
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Size
568 B (568 bytes)
Hash
2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /T HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Thu, 22 Dec 2022 22:37:22 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://breached.vc/T
Content-Type: text/html; charset=utf8
Content-Length: 568

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8733
Expires: Fri, 23 Dec 2022 01:02:56 GMT
Date: Thu, 22 Dec 2022 22:37:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7068
Expires: Fri, 23 Dec 2022 00:35:11 GMT
Date: Thu, 22 Dec 2022 22:37:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 21:46:04 GMT
content-type: application/json
age: 3079
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7589
Expires: Fri, 23 Dec 2022 00:43:52 GMT
Date: Thu, 22 Dec 2022 22:37:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
41b2558155fea8dbcf930801614b1ed2
79526e75fe9687bd5611ef5762dc5b6e290b468c
e811018b29d2d37d8a84834fd4ce61f54680842ae7db408fe462a413d38f3051

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E811018B29D2D37D8A84834FD4CE61F54680842AE7DB408FE462A413D38F3051"
Last-Modified: Wed, 21 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5900
Expires: Fri, 23 Dec 2022 00:15:43 GMT
Date: Thu, 22 Dec 2022 22:37:23 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: zuD7tys93V3P6hLwebzh4bd9jy4ykfozeupCACYn5ffaP9N44dK3ALslqT8k7QVpZESr29vnZ8k=
x-amz-request-id: M4WM0DBP1Q14G98A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 21:55:56 GMT
age: 2487
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 22:37:23 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

breached.vc/jscripts/jquery.plugins.min.js?ver=1821

185.129.102.37

200 OK

4.2 kB

URL HTTP/2
breached.vc/jscripts/jquery.plugins.min.js?ver=1821
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (14798)
Size
4.2 kB (4197 bytes)
Hash
6dc12904980b15bb66a88378798b3c29
01b57b097f3c25e155bf3362ea0076f77659e4f1
53ab5de6bde388be526a34f72c8b99ba511ac57896c2f0aaecf6c768f1db1db9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Fri, 29 Oct 2021 04:00:00 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/jscripts/jquery.plugins.min.js?ver=1821, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 4197
ddg-cache-status: HIT,HIT
etag: "617b71c0-39cf"
age: 255732
X-Firefox-Spdy: h2

breached.vc/jscripts/general.js?ver=1827

185.129.102.37

200 OK

4.5 kB

URL HTTP/2
breached.vc/jscripts/general.js?ver=1827
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (322)
Size
4.5 kB (4475 bytes)
Hash
28119db02aba07fb83aee11d640c3aa3
bec96ca3b6969d083318484fa8b7399dbc2cea16
8b1f23c5eac65ff0cbe96f7643b2b4c1a0e8da854e925d5a75d75ddd8e929807

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jscripts/general.js?ver=1827 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Fri, 29 Oct 2021 04:00:00 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/jscripts/general.js?ver=1827, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 4475
ddg-cache-status: HIT,HIT
etag: "617b71c0-3d5d"
age: 255732
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/css3.min.css?t=1666943266

185.129.102.37

200 OK

507 B

URL HTTP/2
breached.vc/cache/themes/theme5/css3.min.css?t=1666943266
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (2355), with no line terminators
Size
507 B (507 bytes)
Hash
6d44713008f2f880d45a2d121ee5b7da
8ab886ad8e1d3595494a7b038a5be6a606cf8f5b
38c9dd79e94af159ee69c1830b8884747aea13a5b5f91ff96c99aeaf631d2939

HTTP Headers

GET /cache/themes/theme5/css3.min.css?t=1666943266 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:32:26 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:47:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/css3.min.css?t=1666943266, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 507
ddg-cache-status: HIT,HIT
etag: "635b8922-933"
age: 345897
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/global.min.css?t=1666942606

185.129.102.37

200 OK

6.9 kB

URL HTTP/2
breached.vc/cache/themes/theme5/global.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
Unicode text, UTF-8 text, with very long lines (30052), with no line terminators
Size
6.9 kB (6903 bytes)
Hash
d6e7838148ba953d0f19b9016e2500c4
354244a14dbe32ad480c67c7a6a307414210c5e4
0ee38662cae1cc7fe9a77d08e45842e771d7f8fb315c6a9f44ce6011045162be

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme5/global.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/global.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 6903
ddg-cache-status: HIT,HIT
etag: "635b868e-7566"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/all.min.min.css?t=1666942606

185.129.102.37

200 OK

12 kB

URL HTTP/2
breached.vc/cache/themes/theme5/all.min.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (55955), with no line terminators
Size
12 kB (11895 bytes)
Hash
058905b678cdbf91f36e2cc641acabc1
56260f29c3351f7b19e30ee4550a179d2aa9c786
62d6dad9f030336051a4f627c197eafb4249cd06459b631eb08afeb0a946df18

HTTP Headers

GET /cache/themes/theme5/all.min.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/all.min.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 11895
ddg-cache-status: HIT,HIT
etag: "635b868e-da93"
age: 345765
X-Firefox-Spdy: h2

breached.vc/jscripts/jquery.js?ver=1823

185.129.102.37

200 OK

31 kB

URL HTTP/2
breached.vc/jscripts/jquery.js?ver=1823
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (65451)
Size
31 kB (30941 bytes)
Hash
4cd3c33c22ba00bd071b311c501e0eb1
a5f1128e570910e74f86b9d4728196978adffe1b
07d1045d583bd6b1c0d1aafaae9b38c7cb6081dc3a0436034588b11836a5128c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jscripts/jquery.js?ver=1823 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Fri, 29 Oct 2021 04:00:00 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/jscripts/jquery.js?ver=1823, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 30941
ddg-cache-status: HIT,HIT
etag: "617b71c0-15d83"
age: 255732
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/normalize.min.min.css?t=1666942606

185.129.102.37

200 OK

588 B

URL HTTP/2
breached.vc/cache/themes/theme5/normalize.min.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (1739), with no line terminators
Size
588 B (588 bytes)
Hash
e0b189e86088efa528923952040bfa74
b15748b2dd8045bbbe06111bdd1884fc4177b122
3a61f83911b0af46aff824fd8a91ea94ea3f7c7c8d4dd15cb41b74e4ef3cf596

HTTP Headers

GET /cache/themes/theme5/normalize.min.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/normalize.min.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 588
ddg-cache-status: HIT,HIT
etag: "635b868e-6cb"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/lib.min.min.css?t=1666942606

185.129.102.37

200 OK

615 B

URL HTTP/2
breached.vc/cache/themes/theme5/lib.min.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (2155), with no line terminators
Size
615 B (615 bytes)
Hash
135a018b2f2d3e4b133b01e8345078e7
f95666de8c926c6929b59e74f36918fb0ca28334
7f311fe9ff5f0999ce448e5efbe5c27c05c4bd61e1b06ce182115bffec8a33ed

HTTP Headers

GET /cache/themes/theme5/lib.min.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/lib.min.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 615
ddg-cache-status: HIT,HIT
etag: "635b868e-86b"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/roboto.min.css?t=1666942606

185.129.102.37

200 OK

267 B

URL HTTP/2
breached.vc/cache/themes/theme5/roboto.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (1306), with no line terminators
Size
267 B (267 bytes)
Hash
53b08817f552dd1d10d94d51fc4308d2
42df0ef6d7a8e520cb81de94a9542478d2a8ae68
813bdfa381012cbc83baaac39dd14036913679cc868f6f5c4f2c92d1f2c6cbde

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme5/roboto.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/roboto.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 267
ddg-cache-status: HIT,HIT
etag: "635b868e-51a"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/custom.min.css?t=1666942606

185.129.102.37

200 OK

4.5 kB

URL HTTP/2
breached.vc/cache/themes/theme5/custom.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (19854), with no line terminators
Size
4.5 kB (4459 bytes)
Hash
c31786edbfdc12554e74d013f68664b6
9afdec4f2898cfc34f353e0ae380510abd58321c
a2a9c997d3948894ac074afbe2e63444e5c3280466be18ba0a9a8ae3c1a95c14

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme5/custom.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/custom.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 4459
ddg-cache-status: HIT,HIT
etag: "635b868e-4d8e"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/ficons.min.css?t=1667621381

185.129.102.37

200 OK

450 B

URL HTTP/2
breached.vc/cache/themes/theme5/ficons.min.css?t=1667621381
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (2939), with no line terminators
Size
450 B (450 bytes)
Hash
376c45188b0e9208ece787457dcf7173
949b54daa60e04115ceb85e974ae5ec0d3685863
3ccb77a80764c39b9b983cfcf28e62d25324132318cd517ae1b4fe4c87d99469

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme5/ficons.min.css?t=1667621381 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 21 Dec 2022 12:08:50 GMT
content-type: text/css
last-modified: Sat, 05 Nov 2022 04:09:41 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/ficons.min.css?t=1667621381, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 450
ddg-cache-status: HIT,HIT
etag: "6365e205-b7b"
age: 124113
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/hovercards.min.css?t=1666942606

185.129.102.37

200 OK

1.0 kB

URL HTTP/2
breached.vc/cache/themes/theme5/hovercards.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (6821), with no line terminators
Size
1.0 kB (1008 bytes)
Hash
5bffc47b3065526303ea0fd939b6353f
4f15a33587eec08df8c1167719911b7e0bd187b4
e298e4fcb8ff8e55c657e649e412c617e9674976a514a555d7446eaf05af3dc7

HTTP Headers

GET /cache/themes/theme5/hovercards.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/hovercards.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 1008
ddg-cache-status: HIT,HIT
etag: "635b868e-1aa5"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/plugins.min.css?t=1666942606

185.129.102.37

200 OK

2.0 kB

URL HTTP/2
breached.vc/cache/themes/theme5/plugins.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (8181), with no line terminators
Size
2.0 kB (2014 bytes)
Hash
4835703d09047809bb2a6b79fcdfcbba
3df1b2c6fd29630689ede4f5d90e276d7ce869b7
8828ebc93de9e075785d708019dea48f75ba3949d93c575ef26969b74b8fa707

HTTP Headers

GET /cache/themes/theme5/plugins.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/plugins.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 2014
ddg-cache-status: HIT,HIT
etag: "635b868e-1ff5"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/alerts.min.css?t=1666942606

185.129.102.37

200 OK

210 B

URL HTTP/2
breached.vc/cache/themes/theme5/alerts.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (575), with no line terminators
Size
210 B (210 bytes)
Hash
e742aeafc17040fc04a404ac83068c18
af7faaa4e0028314212f0ded31f0a665c65cd77a
07701d775c0e656ed8c2e7d2a2b076c8844ea118d1cb1bd75558f0e7832f922b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme5/alerts.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/alerts.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 210
ddg-cache-status: HIT,HIT
etag: "635b868e-23f"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/fork-awesome.min.css?t=1666942606

185.129.102.37

200 OK

6.9 kB

URL HTTP/2
breached.vc/cache/themes/theme5/fork-awesome.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (35298), with no line terminators
Size
6.9 kB (6941 bytes)
Hash
da64a0259db94d53612f7e7f856051e2
f796be8dcef2b6b49af0ae9fe6b8865d298e61fe
8698fe5ba036caa596b6d6d4c16fdc3580373fe4c46e3c62e7a8e809ccb115c1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme5/fork-awesome.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/fork-awesome.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 6941
ddg-cache-status: HIT,HIT
etag: "635b868e-89e2"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme5/mobile.min.css?t=1666942606

185.129.102.37

200 OK

1.5 kB

URL HTTP/2
breached.vc/cache/themes/theme5/mobile.min.css?t=1666942606
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (5146), with no line terminators
Size
1.5 kB (1505 bytes)
Hash
659ca460542766217235f076f1b89566
8004c432ce276a2c659f2cecbd6573e6ba985b47
c62e4fe8b89106a3d145fae870dcbb61928e186e2945366296f8003c5826d909

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme5/mobile.min.css?t=1666942606 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 22:34:38 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 07:36:46 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme5/mobile.min.css?t=1666942606, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 1505
ddg-cache-status: HIT,HIT
etag: "635b868e-141a"
age: 345765
X-Firefox-Spdy: h2

breached.vc/cache/themes/theme1/onlinetoday.min.css?t=1648433133

185.129.102.37

200 OK

233 B

URL HTTP/2
breached.vc/cache/themes/theme1/onlinetoday.min.css?t=1648433133
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (740), with no line terminators
Size
233 B (233 bytes)
Hash
e6a5361335be5f0e74bd8a0d17eee3cb
b8813c0d0242487dfdb9ed9f21f5009773158418
88eebdb037724ea02676177aeddecfa6b9702ed1aa8dd6ac9d977e72e67449c4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cache/themes/theme1/onlinetoday.min.css?t=1648433133 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:33:19 GMT
content-type: text/css
last-modified: Mon, 28 Mar 2022 02:05:33 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/cache/themes/theme1/onlinetoday.min.css?t=1648433133, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 233
ddg-cache-status: HIT,HIT
etag: "624117ed-2e4"
age: 255844
X-Firefox-Spdy: h2

breached.vc/jscripts/ougc_awards.js

185.129.102.37

200 OK

856 B

URL HTTP/2
breached.vc/jscripts/ougc_awards.js
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
Unicode text, UTF-8 text
Size
856 B (856 bytes)
Hash
b4bea077eba1397d856eeb9acb406853
b19c589adf9edc98d6badcd5afd37006ed4ab160
cf5f6cb7527e1118263788d034ba64ff480f53f67884e52efa9c8910c041bbac

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jscripts/ougc_awards.js HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Thu, 02 Apr 2020 20:53:14 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/jscripts/ougc_awards.js, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 856
ddg-cache-status: HIT,HIT
etag: "5e8650ba-833"
age: 255732
X-Firefox-Spdy: h2

breached.vc/jscripts/ougc_spoiler.js

185.129.102.37

200 OK

627 B

URL HTTP/2
breached.vc/jscripts/ougc_spoiler.js
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
Unicode text, UTF-8 text
Size
627 B (627 bytes)
Hash
18267d06230206eab80d09f584e1fa54
8a97c2f53d32a9a2d09690e64c684c10b51cccde
8efa194df22a7e6c001e47a7fb29a4edcd02b1600ec2af26dce236f4cc363a7a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jscripts/ougc_spoiler.js HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Thu, 18 Feb 2021 08:32:28 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/jscripts/ougc_spoiler.js, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 627
ddg-cache-status: HIT,HIT
etag: "602e261c-5f5"
age: 255732
X-Firefox-Spdy: h2

breached.vc/jscripts/scrolltop.js

185.129.102.37

200 OK

731 B

URL HTTP/2
breached.vc/jscripts/scrolltop.js
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
731 B (731 bytes)
Hash
a63858bd7dca65d3454584b47f8e3d8d
31318f1c96010137db9b872bbccb88ae3a9234e0
f8995ee1ff9b7865804c006a7bf14d16e08bb89b1840d5a1487db358b5eb6e01

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jscripts/scrolltop.js HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Fri, 23 Apr 2021 17:23:12 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/jscripts/scrolltop.js, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: gzip
vary: Accept-Encoding
content-length: 731
ddg-cache-status: HIT,HIT
etag: "60830280-61a"
age: 255732
X-Firefox-Spdy: h2

breached.vc/resources/javascript/bf_theme.js

185.129.102.37

200 OK

805 B

URL HTTP/2
breached.vc/resources/javascript/bf_theme.js
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with CRLF line terminators
Size
805 B (805 bytes)
Hash
38bc38ad0575449fc1e846e4a48b6c46
10dd3f01a6fc1b6fff3285a96b765f4c4b6a45b6
1f4ee4d1b2ceb2a797c2f9041c475de05975afc8ff85c17268b464324664c861

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /resources/javascript/bf_theme.js HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Thu, 31 Mar 2022 22:11:19 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/resources/javascript/bf_theme.js, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 805
ddg-cache-status: HIT,HIT
etag: "62462707-1163"
age: 255732
X-Firefox-Spdy: h2

breached.vc/resources/javascript/raid.js?v=1.6

185.129.102.37

200 OK

2.6 kB

URL HTTP/2
breached.vc/resources/javascript/raid.js?v=1.6
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (566)
Size
2.6 kB (2556 bytes)
Hash
d1308e9e96fbcace6c2c415cfe97bc38
fe516e8acf8abba108008119c80e4c5f35945f03
62903309567b70e40175594b2031530205db31132910919609bc3334ece40d13

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /resources/javascript/raid.js?v=1.6 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Dec 2022 23:35:11 GMT
content-type: application/javascript
last-modified: Tue, 08 Mar 2022 09:43:26 GMT
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/resources/javascript/raid.js?v=1.6, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
content-encoding: br
vary: Accept-Encoding
content-length: 2556
ddg-cache-status: HIT,HIT
etag: "6227253e-1f4e"
age: 255732
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 22:37:24 GMT
Last-Modified: Thu, 22 Dec 2022 20:52:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 22:08:02 GMT
age: 1762
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

breached.vc/resources/roboto/Roboto-Regular.woff2

185.129.102.37

200 OK

16 kB

URL HTTP/2
breached.vc/resources/roboto/Roboto-Regular.woff2
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Size
16 kB (15736 bytes)
Hash
479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /resources/roboto/Roboto-Regular.woff2 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://breached.vc/cache/themes/theme5/roboto.min.css?t=1666942606
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 06:47:48 GMT
content-type: application/octet-stream
content-length: 15736
last-modified: Tue, 08 Mar 2022 15:46:48 GMT
etag: "62277a68-3d78"
access-control-allow-origin: *
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
age: 661776
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

breached.vc/resources/webfonts/fa-solid-900.woff2

185.129.102.37

200 OK

75 kB

URL HTTP/2
breached.vc/resources/webfonts/fa-solid-900.woff2
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Size
75 kB (75440 bytes)
Hash
b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /resources/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://breached.vc/cache/themes/theme5/all.min.min.css?t=1666942606
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 17:21:43 GMT
content-type: application/octet-stream
content-length: 75440
last-modified: Tue, 08 Mar 2022 15:41:56 GMT
etag: "62277944-126b0"
access-control-allow-origin: *
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
age: 364541
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

breached.vc/resources/roboto/Roboto-Bold.woff2

185.129.102.37

200 OK

16 kB

URL HTTP/2
breached.vc/resources/roboto/Roboto-Bold.woff2
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Size
16 kB (15816 bytes)
Hash
2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /resources/roboto/Roboto-Bold.woff2 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://breached.vc/cache/themes/theme5/roboto.min.css?t=1666942606
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 21 Dec 2022 14:19:21 GMT
content-type: application/octet-stream
content-length: 15816
last-modified: Tue, 08 Mar 2022 15:46:56 GMT
etag: "62277a70-3dc8"
access-control-allow-origin: *
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
age: 116284
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

breached.vc/resources/webfonts/fa-brands-400.woff2

185.129.102.37

200 OK

74 kB

URL HTTP/2
breached.vc/resources/webfonts/fa-brands-400.woff2
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
Web Open Font Format (Version 2), TrueType, length 74508, version 329.-1049\012- data
Size
74 kB (74508 bytes)
Hash
7559b3774a0625e8ca6c0160f8f6cfd8
a403af3337e6207d144b998b9c3bed439af562a9
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /resources/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://breached.vc/cache/themes/theme5/all.min.min.css?t=1666942606
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 21 Dec 2022 14:27:49 GMT
content-type: application/octet-stream
content-length: 74508
last-modified: Tue, 08 Mar 2022 15:40:04 GMT
etag: "622778d4-1230c"
access-control-allow-origin: *
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
age: 115776
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.162.125.72

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.125.72:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9/O89K9LakrvwyaRbRrgAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8xDCaOwJ4bElOF8Od10Ip0X8gDM=

breached.vc/logo.png

185.129.102.37

200 OK

44 kB

URL HTTP/2
breached.vc/logo.png
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (44299 bytes)
Hash
4f98214d58bb45eb88a8291a85c2db2e
c3976263ac6f13ce0cef806820fd57f466c345b1
b1d55b4b155923b97db02fb73074cc73fa1eff02b6dffffb893440dcf05c7100

HTTP Headers

GET /logo.png HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://breached.vc/T
Cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; mybb[lastvisit]=1671748643; mybb[lastactive]=1671748643
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 20 Dec 2022 08:48:04 GMT
content-type: image/png
content-length: 44299
last-modified: Fri, 15 Apr 2022 01:44:39 GMT
etag: "6258ce07-ad0b"
accept-ranges: bytes
onion-location: http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/logo.png, http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion
age: 222560
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9229
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 22:37:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9229
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 22:37:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9229
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 22:37:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9229
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 22:37:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a1fb1-c604-4ebe-a587-c6a7bfc6e13d.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a1fb1-c604-4ebe-a587-c6a7bfc6e13d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3963 bytes)
Hash
7bbccd71cd7292dea16d1840b36b49ad
ae5e12eb73e85cc334ce5fba454fcd61e0065da4
9d622628cb3a9658be54adbc1b3e7d7c4e1c41c5468c23109dae021b63001b70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a1fb1-c604-4ebe-a587-c6a7bfc6e13d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3963
x-amzn-requestid: e92dc9ff-ebf1-4fde-b6a0-8e6e3828fcb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUm_zEO9oAMF5IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8531-1ff86cf3152fcd2109a5bbf9;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:49 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: L3TL5ZZUrMEdyxWBi_WmnY6gHDDW5DQilhpomXexCIyUpM6FTVglSA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 05:38:52 GMT
age: 61113
etag: "ae5e12eb73e85cc334ce5fba454fcd61e0065da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7938 bytes)
Hash
2bbbb7eaaa4b72573f00472962e147b9
617524daae76010761f7c1a91ef7d820f3bfa18d
8bd70123b979f4fa9b0dfaac49a8fe5a13b7f61ea1b3355b66c2f4b9450f42ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7938
x-amzn-requestid: 3e94e5ff-c053-410e-bd1a-b0b0fed79b38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dh-a8Ga9IAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3dddf-60d3dc124de205da4e1267d0;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 04:32:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iPaIFw4FHSeRvK4jrofKgNjny_Y9Q0G4zgoDg6KF-nmyqiH8kzH_zw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 08:08:03 GMT
age: 52162
etag: "617524daae76010761f7c1a91ef7d820f3bfa18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8103 bytes)
Hash
5aee260508b4a6317aa74cfa263fcf0f
0268b809b07f0126ae1c707f0a72cbf2c5ee5dde
b43410a5b53d6318d13a1b6cac311beaff9aaf2b21a6d68420ec7e3291ce44b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8103
x-amzn-requestid: 1dec4794-e477-4587-a919-10fed7e06f73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: degIwFtioAMFZoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a27a37-2088c1ec6c0d3158153e907b;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 03:15:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AGI9___39fqK5XMr0S4ambwT-62kOatnW3udg1VA2JqppxIUthagMA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 07:25:49 GMT
age: 54696
etag: "0268b809b07f0126ae1c707f0a72cbf2c5ee5dde"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7521 bytes)
Hash
f0bcde39691c9f7ffe3c4a31d919394a
9ab1417dd6266da8da799ebc8bdd3dc869b85ef9
557ab2dd06a693547e7b41cdc2463b304692d41bf3ea3ede1dbe11e9652bd0a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7521
x-amzn-requestid: ac46341b-883e-496b-9dee-32638a723504
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhc9IHKGIAMFwfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3a853-146ab5f27dc7057876d81fa5;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 00:44:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tHydK_kkMFG63be5bXiK9SZPFvtsy-UXzfEzxPvu6ZFDyEMOFJ22bg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 19:40:50 GMT
age: 10595
etag: "9ab1417dd6266da8da799ebc8bdd3dc869b85ef9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5642 bytes)
Hash
fcdd5fc33823bcbfee082a3c0f2b083a
ed38fa97bee58621ef44a2ea6fbe4c291a12e12e
0ef1916483458d2c629077614f5ba5ea268c85679e60e8e14c7d4ca4993b674a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5642
x-amzn-requestid: e4e58ace-9158-4419-b3da-ed0e5502fdd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJviFUAoAMFifg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcc9-1c38199e663a289b775de5df;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:10:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrKTso9Ew9gzmJSilPJfvh1VkrxZyoDiTvakJOn7exvwnhfXHd_Srw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 06:14:29 GMT
age: 58976
etag: "ed38fa97bee58621ef44a2ea6fbe4c291a12e12e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12054 bytes)
Hash
244b2a2a5b176fb3117248a872e2a37a
f451963e96d330a8dcd28ebcf5e63791e90b75ba
c01075e3836684e57b87d1feaf148e5c0dc35e273b8519c342c90e44dfc1e54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12054
x-amzn-requestid: 0bc40c79-d44a-40eb-86e8-7cd0af85f5f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dR25eHSNoAMF3_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639d6b6f-5a9931874f56d4e11a4c0544;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 07:10:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: erfUxHctFpr6wTJ6NtNnPGXP0mAT4K-2UJuwA1i5ODBX36gqc_45DQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:52:42 GMT
age: 2683
etag: "f451963e96d330a8dcd28ebcf5e63791e90b75ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

breached.vc/T

185.129.102.37

404 Not Found

0 B

URL HTTP/2
breached.vc/T
IP
185.129.102.37:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /T HTTP/1.1
Host: breached.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Dec 2022 22:37:23 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: __ddg1_=KAzbjN7A0h47L1F8zyBa; Domain=.breached.vc; HttpOnly; Path=/; Expires=Fri, 22-Dec-2023 22:37:23 GMT
mybb[lastvisit]=1671748643; expires=Fri, 22-Dec-2023 22:37:23 GMT; path=/; domain=.breached.vc
mybb[lastactive]=1671748643; expires=Fri, 22-Dec-2023 22:37:23 GMT; path=/; domain=.breached.vc
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations