Report - abstream.to

Report Overview

Visited public
2025-04-29 18:22:33
Tags
Submit Tags
URL
abstream.to
Finishing URL
abstream.to/
IP / ASN
95.129.233.133
#57724 Ddos-guard Ltd
Title
Abstream

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
abstream.to	unknown	unknown	2025-01-25	2025-04-28	5.9 kB	509 kB	95.129.233.133
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-23	451 B	1.5 kB	142.250.178.106
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-23	531 B	26 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed
2025-04-29	medium	abstream.to	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	abstream.to/static/js/bootstrap.bundle.min.js?	ScriptElement	81 kB	2024-02-25	2025-07-13
Pretty URL abstream.to/static/js/bootstrap.bundle.min.js? IP 95.129.233.133 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 11:27 Last Seen2025-07-13 06:45 Times Seen5377 Hash 2e477967e482f32e65d4ea9b2fd8e106 ddc6e9ead6d16ae9237399ce41e8c1620cc59c36 0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c Loading...

	abstream.to/static/js/xupload.js?	ScriptElement	11 kB	2024-02-16	2025-07-12
Pretty URL abstream.to/static/js/xupload.js? IP 95.129.233.133 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-16 00:02 Last Seen2025-07-12 02:05 Times Seen24 Hash cee636450d732e5814620c8e9be382a8 4d0cbe9489c96bf88e8438e10ae73798077238d1 98eb0adaa70ec55776d6b3ecc03fbfbe4ebb4dacad48660fa4a8ce813e67daf4 Loading...

	abstream.to/	ScriptElement	100 B	2025-04-28	2025-04-29
Pretty URL abstream.to/ IP 95.129.233.133 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-28 16:37 Last Seen2025-04-29 18:22 Times Seen2 Hash 9a698d028134bab49bc58f5736d3d823 94b9e4fae74d530a6cc6417b87a195a8d3065946 629608bb26c098f6f7945e9a2d09097e6edbdc9017b25573ffd09bb78bdf61b0 Loading...

	abstream.to/static/js/app.js?	ScriptElement	329 B	2025-04-28	2025-04-29
Pretty URL abstream.to/static/js/app.js? IP 95.129.233.133 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-28 16:37 Last Seen2025-04-29 18:22 Times Seen2 Hash 596c2d7a765778113680a8b33fbcda52 788832099a1d318a7303044f85c9d36304e9261b 0d5d0fe0a57162cc9854ac63b2ed3baceb8ba9b735a8ea400ca62c4301d7a22d Loading...

	abstream.to/static/js/jquery-3.7.1.min.js?	ScriptElement	88 kB	2023-08-31	2025-07-13
Pretty URL abstream.to/static/js/jquery-3.7.1.min.js? IP 95.129.233.133 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-07-13 06:47 Times Seen47467 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

HTTP Transactions (13)

URL IP Response Size

GET abstream.to/static/css/style.css?

95.129.233.133

200 OK

232 kB

URL GET
abstream.to/static/css/style.css?
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
ASCII text, with very long lines (651), with CRLF line terminators
Size
232 kB (231561 bytes)
Hash
a72454d8a360f375319f681a2b737adb
9b1b233170c03db4ff383d8c8f1dcfbbe705c0e6
9d43fcd5fa1abd6531192fd7162a4f002b052b30371ba9ed7e66d4f51c192c0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style.css? HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=e0EDTStT0aVRNFF8; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=SwzR5SKsjvPeDEKd; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Tue, 22 Apr 2025 22:49:54 GMT
content-type: text/css
last-modified: Wed, 08 Jan 2025 20:34:59 GMT
etag: W/"38889-62b37cb96823f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
vary: Accept-Encoding
age: 588737
content-length: 24803
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET abstream.to/static/images/bg.jpg

95.129.233.133

200 OK

11 kB

URL GET
abstream.to/static/images/bg.jpg
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x915, components 3
Size
11 kB (10765 bytes)
Hash
6f286928f4678c6825b0bb0308d6739c
2e9154b8b365342834529170b3a099d867844858
46dfe6146bb1970d9bfcfd193299ca440ecc6eaa00f7653853eb654e957fc2ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/bg.jpg HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/static/css/style.css?
Cookie: __ddg8_=vVIrMUXM4FBNTyJG; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=tXPtHzrRCBCBLQn4; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
__ddg10_=1745950932; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
content-security-policy: upgrade-insecure-requests;
date: Sun, 27 Apr 2025 16:32:07 GMT
content-type: image/jpeg
content-length: 10765
last-modified: Mon, 09 Dec 2024 12:56:33 GMT
etag: "2a0d-628d5e4db8240"
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
age: 179405
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET abstream.to/static/images/favicon/apple-touch-icon.png

95.129.233.133

200 OK

16 kB

URL GET
abstream.to/static/images/favicon/apple-touch-icon.png
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
16 kB (15982 bytes)
Hash
a5482965444549673df0168025573375
8457ef8fc410c5256349a9fe207a0ca04934444e
49d80082c6d5ee5b1bd2c806c95100108d71f2333d15ad8c89801b88257475a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/favicon/apple-touch-icon.png HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=tXPtHzrRCBCBLQn4; __ddg10_=1745950932; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=5QAcbocyDQmkVR3A; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
__ddg10_=1745950932; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
content-security-policy: upgrade-insecure-requests;
date: Sun, 27 Apr 2025 11:08:25 GMT
content-type: image/png
content-length: 15982
last-modified: Mon, 09 Dec 2024 12:56:46 GMT
etag: "3e6e-628d5e5a1df80"
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
age: 198827
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Sniglet&display=swap

142.250.178.106

200 OK

838 B

URL GET
fonts.googleapis.com/css2?family=Sniglet&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://abstream.to/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
838 B (838 bytes)
Hash
d17e4f4d3dfc356e63fd21d2fe99da55
d6aeb31e1f7599c6dd977248ec1dde69fc4686af
4c579045a853a37d7cf4f13cffc11f697e2a07bea71be59038d23e4d5b10b9ce

HTTP Headers

GET /css2?family=Sniglet&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Apr 2025 18:22:11 GMT
date: Tue, 29 Apr 2025 18:22:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET abstream.to/static/js/jquery-3.7.1.min.js?

95.129.233.133

200 OK

88 kB

URL GET
abstream.to/static/js/jquery-3.7.1.min.js?
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87533 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/jquery-3.7.1.min.js? HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=e0EDTStT0aVRNFF8; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=JgjrPwLS1TuXHO89; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Apr 2025 11:50:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:06:20 GMT
etag: W/"155ed-6298967514838"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
vary: Accept-Encoding
age: 23522
content-length: 30733
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET abstream.to/static/js/app.js?

95.129.233.133

200 OK

329 B

URL GET
abstream.to/static/js/app.js?
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
ASCII text, with CRLF line terminators
Size
329 B (329 bytes)
Hash
596c2d7a765778113680a8b33fbcda52
788832099a1d318a7303044f85c9d36304e9261b
0d5d0fe0a57162cc9854ac63b2ed3baceb8ba9b735a8ea400ca62c4301d7a22d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/app.js? HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=e0EDTStT0aVRNFF8; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=zqv86UJ9tSLwcWtt; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Wed, 23 Apr 2025 00:20:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 14 Dec 2024 22:45:08 GMT
etag: W/"149-62942b3008500"
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
age: 583323
content-length: 219
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET abstream.to/static/js/xupload.js?

95.129.233.133

200 OK

11 kB

URL GET
abstream.to/static/js/xupload.js?
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
JavaScript source, ASCII text
Size
11 kB (10826 bytes)
Hash
cee636450d732e5814620c8e9be382a8
4d0cbe9489c96bf88e8438e10ae73798077238d1
98eb0adaa70ec55776d6b3ecc03fbfbe4ebb4dacad48660fa4a8ce813e67daf4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/xupload.js? HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=e0EDTStT0aVRNFF8; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=wFWIJ73Eurufnpxu; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Wed, 23 Apr 2025 01:12:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 09 Dec 2024 11:04:48 GMT
etag: W/"2a4a-628d455355400"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 580183
content-length: 3866
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/sniglet/v17/cIf9MaFLtkE3UjaJ9C6hYQ.woff2

142.250.74.35

200 OK

25 kB

URL GET
fonts.gstatic.com/s/sniglet/v17/cIf9MaFLtkE3UjaJ9C6hYQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://abstream.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24676, version 1.0
Size
25 kB (24676 bytes)
Hash
5226bb0d8c944d6d0c5730dbe69ad869
e1815f4c86aa4f54084f474bca3b58043478ad77
37e59a351da07186054ae43724f2665824d43c132ce01cc897f0e1eb7dd8fed2

HTTP Headers

GET /s/sniglet/v17/cIf9MaFLtkE3UjaJ9C6hYQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abstream.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24676
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Apr 2025 14:52:18 GMT
expires: Fri, 24 Apr 2026 14:52:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:20:01 GMT
content-type: font/woff2
age: 444594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET abstream.to/static/images/favicon/favicon-16x16.png

95.129.233.133

200 OK

664 B

URL GET
abstream.to/static/images/favicon/favicon-16x16.png
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
664 B (664 bytes)
Hash
9e129f48e2254dccc48ffb3fd06b6014
23af328a39c869cb982b7fff9574e435282ffecf
6bc0f80cbfdf9a2b5476a17bcea46263c2a444e8e16016062ec9bb03bd8c2c31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/favicon/favicon-16x16.png HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=tXPtHzrRCBCBLQn4; __ddg10_=1745950932; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=ukOmjgqF6oHZfQKZ; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
__ddg10_=1745950932; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:12 GMT
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Apr 2025 07:12:00 GMT
content-type: image/png
content-length: 664
last-modified: Mon, 09 Dec 2024 12:56:46 GMT
etag: "298-628d5e5a1df80"
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
age: 40212
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2

GET abstream.to/

95.129.233.133

200 OK

28 kB

URL User Request GET
abstream.to/
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1737), with CRLF, LF line terminators
Size
28 kB (27962 bytes)
Hash
2641f63c31f07eeb32b81e0606984ace
278b2d7a560171f586e4f5c6c5b58da0f3176287
eeb2650fe0d7aef6e755f54ae61917d63a7379a1c3ffdab47c939247dc83a931

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=e0EDTStT0aVRNFF8; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg1_=WnRKLPLvTIOUgi8L3wBX; Domain=.abstream.to; HttpOnly; Path=/; Expires=Wed, 29-Apr-2026 18:22:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Apr 2025 18:22:11 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 28 Apr 2025 18:22:11 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

GET abstream.to/static/js/bootstrap.bundle.min.js?

95.129.233.133

200 OK

81 kB

URL GET
abstream.to/static/js/bootstrap.bundle.min.js?
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
81 kB (80721 bytes)
Hash
2e477967e482f32e65d4ea9b2fd8e106
ddc6e9ead6d16ae9237399ce41e8c1620cc59c36
0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/bootstrap.bundle.min.js? HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=e0EDTStT0aVRNFF8; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=aOnnSrkJBbSfA0vu; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Mon, 28 Apr 2025 20:54:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 01:40:06 GMT
etag: W/"13b51-628f4ad5dc980"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
vary: Accept-Encoding
age: 77279
content-length: 23474
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET abstream.to/static/images/logo.svg

95.129.233.133

200 OK

4.4 kB

URL GET
abstream.to/static/images/logo.svg
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
SVG Scalable Vector Graphics image
Size
4.4 kB (4433 bytes)
Hash
6ab48e7182aecefcb4f5db672760b69d
5c440b0f728500ce3ca7f6a45e1130bb88fdbd1b
7ce151d534cd3dc86b1dfb69825fcec9f81e245b0eb054c1711c88833b234e3b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/logo.svg HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=e0EDTStT0aVRNFF8; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=u2VNz7zBu08WJ8JA; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Sun, 27 Apr 2025 02:57:54 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Dec 2024 20:52:13 GMT
etag: W/"1151-62918e37f7940"
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
vary: Accept-Encoding
age: 228257
content-length: 2036
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

GET abstream.to/static/images/slide.svg

95.129.233.133

200 OK

30 kB

URL GET
abstream.to/static/images/slide.svg
IP
95.129.233.133:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://abstream.to/
Certificate
IssuerLet's Encrypt
Subjectabstream.to
Fingerprint6F:D4:05:2E:6E:FA:10:42:66:23:EC:57:BA:6E:48:AB:68:65:D9:12
ValidityTue, 22 Apr 2025 18:02:36 GMT - Mon, 21 Jul 2025 18:02:35 GMT

File type
SVG Scalable Vector Graphics image
Size
30 kB (30456 bytes)
Hash
a45dc5ab090a5314dd59377affda003c
f2a07046bf5db0378a3257044d892e7078f4fa2b
abdb89029bddbbb9e4ae2f0934e09240b7d774d18aa26a793395c9b3f1a4d55d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/slide.svg HTTP/1.1
Host: abstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abstream.to/
Cookie: __ddg8_=e0EDTStT0aVRNFF8; __ddg10_=1745950931; __ddg9_=91.90.42.154; __ddg1_=WnRKLPLvTIOUgi8L3wBX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=vVIrMUXM4FBNTyJG; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg10_=1745950931; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
__ddg9_=91.90.42.154; Domain=.abstream.to; Path=/; Expires=Tue, 29-Apr-2025 18:42:11 GMT
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Apr 2025 05:01:01 GMT
content-type: image/svg+xml
last-modified: Mon, 09 Dec 2024 12:56:45 GMT
etag: W/"76f8-628d5e5929d40"
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
vary: Accept-Encoding
age: 48070
content-length: 6183
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP