Report - ctnbnk012.https443.org/

Report Overview

Submitted URL
ctnbnk012.https443.org/
IP
68.183.207.96
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-10 05:46:42
Access
public
Website Title
AcuGIS - AcuGIS GeoHelm
Final URL
ctnbnk012.https443.org/
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
20
Network Intrusion Detection
38
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ctnbnk012.https443.org	unknown	2012-06-07	2022-10-02	2023-07-19	6.7 kB	324 kB	68.183.207.96
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	889 B	11 kB	216.58.207.234
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	2.1 kB	90 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:17	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:18	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
2024-05-10 05:46:18	medium	Client IP	68.183.207.96	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	ctnbnk012.https443.org/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-05-20
Pretty URL ctnbnk012.https443.org/js/jquery.magnific-popup.min.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-20 16:38:24 Times Seen6137 Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2 Loading...

	ctnbnk012.https443.org/	0 B	2023-03-07	2024-05-20
Pretty URL ctnbnk012.https443.org/ IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 17:15:57 Times Seen37883273 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ctnbnk012.https443.org/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-20
Pretty URL ctnbnk012.https443.org/js/bootstrap.min.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:49 Last Seen2024-05-20 01:58:47 Times Seen2496 Hash eb5fac582a82f296aeb74900b01a2fa3 fffea98e12e63b66693d567315a2f32392b780b0 c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef Loading...

	ctnbnk012.https443.org/js/scrolling-nav.js	917 B	2023-03-08	2024-05-10
Pretty URL ctnbnk012.https443.org/js/scrolling-nav.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:54 Last Seen2024-05-10 07:46:43 Times Seen5 Hash b6acff7974668770816e2c8fb3da8ff2 7e2443360eca3f3a7f69bbcd75a4a17748253302 c858ebf3f7488ea11b5cf17b982307fa8b2f1d20915bf2468a31d9c828072dfd Loading...

	ctnbnk012.https443.org/js/nivo-lightbox.js	15 kB	2023-03-07	2024-05-10
Pretty URL ctnbnk012.https443.org/js/nivo-lightbox.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:57 Last Seen2024-05-10 07:46:43 Times Seen32 Hash f826ced492f4a23c4d775778371df0ef 0c36310a0df8120e7defb6697643149750f011e0 c97a69e28f040c8159d3ae7760ab0279e3913331aa36afe9092834af30a780f2 Loading...

	ctnbnk012.https443.org/js/jquery.nav.js	5.1 kB	2023-03-07	2024-05-20
Pretty URL ctnbnk012.https443.org/js/jquery.nav.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:05 Last Seen2024-05-20 13:47:39 Times Seen1148 Hash a33571eb2591514e45765696e5d92c9f e680863a86670bf2d8e0b1f5b33c267f0ddc5cd1 707a967916ff7ca8411b995ff078ee44fcbb627bbb11f067643f7a6ab7f99806 Loading...

	ctnbnk012.https443.org/js/jquery.easing.min.js	5.6 kB	2023-03-07	2024-05-14
Pretty URL ctnbnk012.https443.org/js/jquery.easing.min.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:49 Last Seen2024-05-14 21:09:29 Times Seen554 Hash 9cda9e740bbf260a190f4041132b5105 603599b494c5f0c9ed5d11ccea03ca6517da46dc ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba Loading...

	ctnbnk012.https443.org/js/main.js	3.7 kB	2024-05-10	2024-05-10
Pretty URL ctnbnk012.https443.org/js/main.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 07:46:43 Last Seen2024-05-10 07:46:43 Times Seen2 Hash 71bce6069fe10ff9c4747b3c1dd9b7ee c603aedfbd60583c04d46ede365cd1c26c8a3b1d c4225003ed79482e35756849c1936449310f36d2940c0f976bad48394fb5da1b Loading...

	ctnbnk012.https443.org/	0 B	2023-03-07	2024-05-20
Pretty URL ctnbnk012.https443.org/ IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 17:15:57 Times Seen37883273 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ctnbnk012.https443.org/js/jquery-min.js	84 kB	2023-03-07	2024-05-20
Pretty URL ctnbnk012.https443.org/js/jquery-min.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:08 Last Seen2024-05-20 15:11:57 Times Seen1914 Hash b0dc11d0a434aafe88908c7f33d71095 1327f754ff87d26bced46568543207e9df190aaa de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f Loading...

	ctnbnk012.https443.org/js/popper.min.js	19 kB	2023-03-07	2024-05-10
Pretty URL ctnbnk012.https443.org/js/popper.min.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:57 Last Seen2024-05-10 07:46:43 Times Seen132 Hash b37d2558404192e18ca66e0533e57cf1 8c3927f14067ea7afa15cb2eba13d74147ca5621 0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c Loading...

	ctnbnk012.https443.org/js/owl.carousel.js	53 kB	2023-03-07	2024-05-20
Pretty URL ctnbnk012.https443.org/js/owl.carousel.js IP 68.183.207.96 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:55 Last Seen2024-05-20 01:58:47 Times Seen1841 Hash a5f96c62d75be144282ef6cc429a6259 99a600283194105be6679b4a7cba8ac27a8c455a 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d Loading...

HTTP Transactions (25)

URL IP Response Size

ctnbnk012.https443.org/

68.183.207.96

200 OK

1.9 kB

URL User Request GET HTTP/1.1
ctnbnk012.https443.org/
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text
Size
1.9 kB (1919 bytes)
Hash
73b3aa466f85a8ff23333dd13b15d9c3
edb7e7dcfa4313e160d3155093aecba35402476d
1149851c0fc4ea230ebc7dad6df143bf6527dc28211545ad0e4571d15e5dc024

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET / HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 10 Apr 2020 13:08:13 GMT
ETag: "216d-5a2ef6cfda940-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1919
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

ctnbnk012.https443.org/css/LineIcons.css

68.183.207.96

200 OK

4.9 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/css/LineIcons.css
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
ASCII text
Size
4.9 kB (4897 bytes)
Hash
54d11756557f8f9affecd833c738e71f
86356e20574afa3de939a5d13a97b99b20648374
8e5d8c4e0949aad2439584e589448cbf1ae29f81ee6655fdc810c82248308dfe

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /css/LineIcons.css HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:32 GMT
ETag: "7abc-587fb525e3500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4897
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ctnbnk012.https443.org/css/animate.css

68.183.207.96

200 OK

5.1 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/css/animate.css
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
ASCII text, with very long lines (460)
Size
5.1 kB (5076 bytes)
Hash
4b2af0a41eef75639dde95c23efd47db
26f4b70e8c3892c842d5000d59ab120a8c5fad1c
70c941a384137809113d33db0b4d68e31a85f711cdbfb5a2952564ac08fdc6e5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:32 GMT
ETag: "1105f-587fb525e3500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5076
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ctnbnk012.https443.org/css/bootstrap.min.css

68.183.207.96

200 OK

21 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/css/bootstrap.min.css
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
21 kB (21094 bytes)
Hash
7a4d526cc895313a15f952f8add74d8f
7296fae9429813d17a7c6e591459c8459718720c
95283c8e0a48d53d25054de661f6b31645d1c9e8ad523f225563950a2d3aa574

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 14:51:25 GMT
ETag: "22693-587fce27e7540-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21094
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ctnbnk012.https443.org/css/main.css

68.183.207.96

200 OK

6.3 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/css/main.css
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
ASCII text, with CRLF line terminators
Size
6.3 kB (6268 bytes)
Hash
7a4216cdea94fdc740b9ec98b6bab521
c8fe15ec0dd383f40be3e6a487ed6aad15fb2d0f
a711ebd8ae300c2aa081357430c7901825850cc0afcf23d9ef8b033ba982292e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /css/main.css HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 14:18:26 GMT
ETag: "a09b-587fc6c895080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6268
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ctnbnk012.https443.org/css/responsive.css

68.183.207.96

200 OK

2.1 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/css/responsive.css
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2128 bytes)
Hash
0e9c3f2bf02261ed9f695e7a0a08cc27
914ab1ae80343cddffd989238ad43d5ef604c781
d7de83b7d5b48a59944fb45ceec6282b20bc9654e868979cb6d3fd0b67c0cd46

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /css/responsive.css HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 14:54:51 GMT
ETag: "31dd-587fceec5c4c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2128
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ctnbnk012.https443.org/js/popper.min.js

68.183.207.96

200 OK

6.9 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/popper.min.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text, with very long lines (18860), with CRLF line terminators
Size
6.9 kB (6859 bytes)
Hash
b37d2558404192e18ca66e0533e57cf1
8c3927f14067ea7afa15cb2eba13d74147ca5621
0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/popper.min.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "4a5e-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6859
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/bootstrap.min.js

68.183.207.96

200 OK

14 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/bootstrap.min.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text, with very long lines (50450)
Size
14 kB (14048 bytes)
Hash
eb5fac582a82f296aeb74900b01a2fa3
fffea98e12e63b66693d567315a2f32392b780b0
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "c62b-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14048
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/owl.carousel.js

68.183.207.96

200 OK

8.8 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/owl.carousel.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text
Size
8.8 kB (8751 bytes)
Hash
a5f96c62d75be144282ef6cc429a6259
99a600283194105be6679b4a7cba8ac27a8c455a
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/owl.carousel.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "ce3d-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8751
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/scrolling-nav.js

68.183.207.96

200 OK

449 B

URL GET HTTP/1.1
ctnbnk012.https443.org/js/scrolling-nav.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text
Size
449 B (449 bytes)
Hash
b6acff7974668770816e2c8fb3da8ff2
7e2443360eca3f3a7f69bbcd75a4a17748253302
c858ebf3f7488ea11b5cf17b982307fa8b2f1d20915bf2468a31d9c828072dfd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/scrolling-nav.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "395-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 449
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/jquery.nav.js

68.183.207.96

200 OK

1.8 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/jquery.nav.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text
Size
1.8 kB (1828 bytes)
Hash
a33571eb2591514e45765696e5d92c9f
e680863a86670bf2d8e0b1f5b33c267f0ddc5cd1
707a967916ff7ca8411b995ff078ee44fcbb627bbb11f067643f7a6ab7f99806

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/jquery.nav.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "1412-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1828
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/jquery.easing.min.js

68.183.207.96

200 OK

1.9 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/jquery.easing.min.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
1.9 kB (1871 bytes)
Hash
9cda9e740bbf260a190f4041132b5105
603599b494c5f0c9ed5d11ccea03ca6517da46dc
ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/jquery.easing.min.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "15bc-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1871
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/nivo-lightbox.js

68.183.207.96

200 OK

3.2 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/nivo-lightbox.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text
Size
3.2 kB (3190 bytes)
Hash
f826ced492f4a23c4d775778371df0ef
0c36310a0df8120e7defb6697643149750f011e0
c97a69e28f040c8159d3ae7760ab0279e3913331aa36afe9092834af30a780f2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/nivo-lightbox.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "39aa-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3190
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/jquery.magnific-popup.min.js

68.183.207.96

200 OK

7.3 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/jquery.magnific-popup.min.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators
Size
7.3 kB (7348 bytes)
Hash
b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "4efb-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7348
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/main.js

68.183.207.96

200 OK

1.1 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/main.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.1 kB (1145 bytes)
Hash
71bce6069fe10ff9c4747b3c1dd9b7ee
c603aedfbd60583c04d46ede365cd1c26c8a3b1d
c4225003ed79482e35756849c1936449310f36d2940c0f976bad48394fb5da1b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/main.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "e8b-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1145
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

ctnbnk012.https443.org/js/jquery-min.js

68.183.207.96

200 OK

30 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/js/jquery-min.js
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
Size
30 kB (29541 bytes)
Hash
b0dc11d0a434aafe88908c7f33d71095
1327f754ff87d26bced46568543207e9df190aaa
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /js/jquery-min.js HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:33 GMT
ETag: "1497d-587fb526d7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29541
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript

fonts.googleapis.com/css?family=Rubik:400,400i,500

216.58.207.234

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Rubik:400,400i,500
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
http://ctnbnk012.https443.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1308 bytes)
Hash
a72248133c756a43a60c5098b70f8086
e19e1396170211c1ce9cc65dab904208c2ba957c
925128535e38bb04eb47083ba48b684f8ebfb31571e6317c182e75bb5542f487

HTTP Headers

GET /css?family=Rubik:400,400i,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 05:46:17 GMT
date: Fri, 10 May 2024 05:46:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

216.58.207.227

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://ctnbnk012.https443.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35448, version 1.0
Size
35 kB (35448 bytes)
Hash
5c138044f30b8c78119264cd744e686a
7605e014180d49087785350bd1906c16c389690d
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

HTTP Headers

GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ctnbnk012.https443.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 19:16:44 GMT
expires: Fri, 09 May 2025 19:16:44 GMT
cache-control: public, max-age=31536000
age: 37773
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins:400,500,600

216.58.207.234

200 OK

8.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Poppins:400,500,600
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
http://ctnbnk012.https443.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
8.2 kB (8151 bytes)
Hash
45f8f7ced543054bc2c4c7c95ac48d5e
bbc0524a16534d314376067056d134a1416e5c62
2e1291a428e360ac6bb0a6e6d5b12eac645c0050bec331189cae3766c02c8241

HTTP Headers

GET /css?family=Poppins:400,500,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 05:46:17 GMT
date: Fri, 10 May 2024 05:46:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

216.58.207.227

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://ctnbnk012.https443.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35448, version 1.0
Size
35 kB (35448 bytes)
Hash
5c138044f30b8c78119264cd744e686a
7605e014180d49087785350bd1906c16c389690d
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

HTTP Headers

GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ctnbnk012.https443.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 19:16:44 GMT
expires: Fri, 09 May 2025 19:16:44 GMT
cache-control: public, max-age=31536000
age: 37773
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ctnbnk012.https443.org/img/logo.png

68.183.207.96

200 OK

53 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/img/logo.png
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
PNG image data, 235 x 68, 8-bit/color RGBA, non-interlaced
Size
53 kB (53243 bytes)
Hash
9e3fb304bdd9e10e7c26bad4428266d5
5656e8aec6e72405a82f9375b25072162f28430b
d720b306889222a959a7edce7179769d931dfa926e3f5a5eca0addaffce9009c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Thu, 30 May 2019 20:15:43 GMT
ETag: "cffb-58a208fff19c0"
Accept-Ranges: bytes
Content-Length: 53243
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://ctnbnk012.https443.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ctnbnk012.https443.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 15:13:04 GMT
expires: Fri, 09 May 2025 15:13:04 GMT
cache-control: public, max-age=31536000
age: 52393
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ctnbnk012.https443.org/fonts/LineIcons.ttf?y2l643

68.183.207.96

200 OK

147 kB

URL GET HTTP/1.1
ctnbnk012.https443.org/fonts/LineIcons.ttf?y2l643
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
TrueType Font data, 11 tables, 1st "OS/2", 26 names, Macintosh
Size
147 kB (147216 bytes)
Hash
6e9fb56e13ffdf56a053e86545cafe3e
d34c70ec8e08d1a178551e7a59eb853c7b79e33f
21266db9afe52863719a3921728d4ca557e955d790ce012281cad27fd66f6d9c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /fonts/LineIcons.ttf?y2l643 HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/css/LineIcons.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:17 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:34 GMT
ETag: "23f10-587fb527cb980"
Accept-Ranges: bytes
Content-Length: 147216
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/ttf

ctnbnk012.https443.org/img/2.png

68.183.207.96

200 OK

590 B

URL GET HTTP/1.1
ctnbnk012.https443.org/img/2.png
IP
68.183.207.96:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://ctnbnk012.https443.org/

File type
PNG image data, 34 x 45, 8-bit/color RGBA, non-interlaced
Size
590 B (590 bytes)
Hash
6dc825c260afeea86dfcfee3b99f13bf
2ea5c44bc41f6bc8e5d9c806e8daa13c60549847
af7a33a09db8e8b18d6ae5a539e36387d44d64191283060659e62014851f7f0e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.https443 .org Domain

HTTP Headers

GET /img/2.png HTTP/1.1
Host: ctnbnk012.https443.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ctnbnk012.https443.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:46:18 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 03 May 2019 12:59:34 GMT
ETag: "24e-587fb527cb980"
Accept-Ranges: bytes
Content-Length: 590
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://ctnbnk012.https443.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ctnbnk012.https443.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 03:25:26 GMT
expires: Wed, 07 May 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 267651
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML