Report - redbitparts.top/go/z2b4u2/03a4?label=sub

Report Overview

Submitted URL
redbitparts.top/go/z2b4u2/03a4?label=sub
IP
91.212.166.81
ASN
#198953 Proton66 OOO
Submitted
2024-04-26 15:52:07
Access
public
Website Title
Payout
Final URL
cbnotifse.top/newtransfer
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
redbitparts.top	unknown	2023-12-25	2023-12-25	2024-03-05	494 B	795 B	91.212.166.81
cbnotifse.top	unknown	unknown	No data	No data	15 kB	1.3 MB	91.212.166.81
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	900 B	16 kB	142.250.74.106
megatimer.ru	456708	2015-01-07	2015-02-16	2024-04-16	407 B	15 kB	5.188.114.126
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	543 B	14 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	redbitparts.top/go/z2b4u2/03a4?label=sub	Coinbase

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	redbitparts.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed
2024-04-26	medium	cbnotifse.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	cbnotifse.top/jquery-3.6.3.min.js	90 kB	2023-03-10	2024-05-07
Pretty URL cbnotifse.top/jquery-3.6.3.min.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-05-07 11:24:12 Times Seen17649 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	megatimer.ru/timer/timer.min.js?v=1	28 kB	2023-04-08	2024-04-26
Pretty URL megatimer.ru/timer/timer.min.js?v=1 IP 5.188.114.126 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-08 15:23:12 Last Seen2024-04-26 17:52:14 Times Seen47 Hash e0bc0b6e2539b2d7efa67c5d4e6526ed 52e0a895e134a3039e27399063c22e1b6de655ef 3dfa46470f083a0dee87814ff57a54a72e98d1e2735ca1774dd487e3824d128f Loading...

	cbnotifse.top/js/redirect.js	2.1 kB	2024-04-16	2024-04-26
Pretty URL cbnotifse.top/js/redirect.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:02:35 Last Seen2024-04-26 17:52:14 Times Seen6 Hash 9065021c16fb6bb65532e9ea0fb2b867 edb278672f2c992a4e3ee6c608eacfc771be52c1 5d1bc01fdd15fcc10491b74158e438e260db47d027b6b7bbe0464f103c324197 Loading...

	cbnotifse.top/js/all.min.js	1.7 MB	2023-03-07	2024-04-28
Pretty URL cbnotifse.top/js/all.min.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:07 Last Seen2024-04-28 08:00:02 Times Seen160 Hash 735c741071f8d6c8ce8b5d50efe5516a 1b67e9bb36ae7104676591491c69c9b767777ab9 8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785 Loading...

	cbnotifse.top/get/0df28519263aaa7a5a5df469635b89a7.js	1.4 kB	2024-02-25	2024-04-26
Pretty URL cbnotifse.top/get/0df28519263aaa7a5a5df469635b89a7.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 23:53:45 Last Seen2024-04-26 17:52:14 Times Seen9 Hash 83985fc8596c67a9d99934b60dbdfe35 8e4554b43b13b1a0f6e47241ca4e13c06943fb2d 91367450ef904bd9282654a67327eabbdb911d4492ac433cdbe702d28a09126e Loading...

	cbnotifse.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js	81 kB	2023-09-18	2024-05-07
Pretty URL cbnotifse.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-18 01:21:14 Last Seen2024-05-07 06:09:49 Times Seen2825 Hash 6baf57f25796c332144ed58a2a0cd9ee f7fd0f3dc84b2cf93bf81e832505a673f354e0a3 82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd Loading...

	cbnotifse.top/js/preloader.js	1.4 kB	2024-02-25	2024-04-26
Pretty URL cbnotifse.top/js/preloader.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 23:53:46 Last Seen2024-04-26 17:52:14 Times Seen12 Hash f030b413e06574186bc82239f3a943fb efe9a731ab833bd4e81b7041dd8a567de874a0a1 7a84ef5ab2e4de14e0b82930ca0b9670ced6a7b5c80ca738855e647588e12349 Loading...

	cbnotifse.top/newtransfer	0 B	2023-03-07	2024-05-07
Pretty URL cbnotifse.top/newtransfer IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 11:40:54 Times Seen37400724 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - e9bc11f76082d5a02cc590eb13fce0c0	91 B	2024-02-25	2024-04-26
Pretty Observations First Seen2024-02-25 23:53:46 Last Seen2024-04-26 17:52:14 Times Seen6 Hash e9bc11f76082d5a02cc590eb13fce0c0 29ef9452391e24e282b48a83dd851b95b8ab6f39 8976ebb2ffc662b635472b385e7234edde771bfea9dbc3980a3c23479f7fe03e Loading...

HTTP Transactions (29)

URL IP Response Size

redbitparts.top/go/z2b4u2/03a4?label=sub

91.212.166.81

302 Found

0 B

URL User Request GET HTTP/1.1
redbitparts.top/go/z2b4u2/03a4?label=sub
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Certificate
IssuerLet's Encrypt
Subjectredbitparts.top
Fingerprint46:09:58:A3:42:51:AE:8E:0D:58:9C:21:F7:85:9B:37:B4:63:BF:A2
ValiditySat, 09 Mar 2024 02:58:28 GMT - Fri, 07 Jun 2024 02:58:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /go/z2b4u2/03a4?label=sub HTTP/1.1
Host: redbitparts.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Sun, 01 Jan 2014 00:00:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=anq5hchal5gtesne7aempp7u4h; expires=Fri, 26-Jun-2043 15:51:43 GMT; Max-Age=604800000; path=/; domain=redbitparts.top
ofr_34=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D; expires=Mon, 27-May-2024 15:51:43 GMT; Max-Age=2678400; path=/; domain=redbitparts.top
Location: https://cbnotifse.top/newtransfer?b=YTo0OntzOjU6ImxhYmVsIjtzOjM6InN1YiI7czozOiJ1c3IiO2k6MjUwO3M6NDoibm9wZCI7czoxNToicmVkYml0cGFydHMudG9wIjtzOjE6Im8iO2k6MzQ7fQ==

cbnotifse.top/newtransfer?b=YTo0OntzOjU6ImxhYmVsIjtzOjM6InN1YiI7czozOiJ1c3IiO2k6MjUwO3M6NDoibm9wZCI7czoxNToicmVkYml0cGFydHMudG9wIjtzOjE6Im8iO2k6MzQ7fQ==

91.212.166.81

302 Found

0 B

URL User Request GET HTTP/1.1
cbnotifse.top/newtransfer?b=YTo0OntzOjU6ImxhYmVsIjtzOjM6InN1YiI7czozOiJ1c3IiO2k6MjUwO3M6NDoibm9wZCI7czoxNToicmVkYml0cGFydHMudG9wIjtzOjE6Im8iO2k6MzQ7fQ==
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtransfer?b=YTo0OntzOjU6ImxhYmVsIjtzOjM6InN1YiI7czozOiJ1c3IiO2k6MjUwO3M6NDoibm9wZCI7czoxNToicmVkYml0cGFydHMudG9wIjtzOjE6Im8iO2k6MzQ7fQ== HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D; expires=Mon, 27-May-2024 15:51:44 GMT; Max-Age=2678400; path=/; domain=cbnotifse.top
Location: http://cbnotifse.top/newtransfer

cbnotifse.top/newtransfer

91.212.166.81

200 OK

169 B

URL User Request GET HTTP/1.1
cbnotifse.top/newtransfer
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtransfer HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cbnotifse.top:443/newtransfer

cbnotifse.top/newtransfer

91.212.166.81

200 OK

2.5 kB

URL User Request GET HTTP/1.1
cbnotifse.top/newtransfer
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.5 kB (2503 bytes)
Hash
4a7ba6dac9647bea3ecc18e6554a4013
0c578099f25e81f561c8f00452a3548d06400a59
86a0c2e592073ecc7f391330d29a1af6f6f2380971a1b25fc2505f12bbd4a764

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtransfer HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

cbnotifse.top/js/redirect.js

91.212.166.81

200 OK

762 B

URL GET HTTP/1.1
cbnotifse.top/js/redirect.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
ASCII text
Size
762 B (762 bytes)
Hash
9065021c16fb6bb65532e9ea0fb2b867
edb278672f2c992a4e3ee6c608eacfc771be52c1
5d1bc01fdd15fcc10491b74158e438e260db47d027b6b7bbe0464f103c324197

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/redirect.js HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-843"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/npm/bootstrap%405.3.2/dist/css/bootstrap.min.css

91.212.166.81

200 OK

32 kB

URL GET HTTP/1.1
cbnotifse.top/npm/bootstrap%405.3.2/dist/css/bootstrap.min.css
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
Unicode text, UTF-8 text, with very long lines (65342)
Size
32 kB (31839 bytes)
Hash
cd822b7fd22c8a95a68470c795adea69
1f139981b9b47a766efa0a61bb78ada351f16c4b
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /npm/bootstrap%405.3.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: text/css
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-38df4"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/css/style.css

91.212.166.81

200 OK

8.0 kB

URL GET HTTP/1.1
cbnotifse.top/css/style.css
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
ASCII text
Size
8.0 kB (8015 bytes)
Hash
155159eac4e34f0c0e07efd45bb83843
9640541fb7ec362ab5961b5a09b1689f4aecdb28
9c5057e5b5b7178a094ce97056dc5934a1a3f77bdc1b7e1d7dcdffae6bb66e73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: text/css
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-14c11"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/get/0df28519263aaa7a5a5df469635b89a7.js

91.212.166.81

200 OK

758 B

URL GET HTTP/1.1
cbnotifse.top/get/0df28519263aaa7a5a5df469635b89a7.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JavaScript source, ASCII text, with very long lines (1415), with no line terminators
Size
758 B (758 bytes)
Hash
83985fc8596c67a9d99934b60dbdfe35
8e4554b43b13b1a0f6e47241ca4e13c06943fb2d
91367450ef904bd9282654a67327eabbdb911d4492ac433cdbe702d28a09126e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /get/0df28519263aaa7a5a5df469635b89a7.js HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-587"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/js/preloader.js

91.212.166.81

200 OK

532 B

URL GET HTTP/1.1
cbnotifse.top/js/preloader.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
532 B (532 bytes)
Hash
f030b413e06574186bc82239f3a943fb
efe9a731ab833bd4e81b7041dd8a567de874a0a1
7a84ef5ab2e4de14e0b82930ca0b9670ced6a7b5c80ca738855e647588e12349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/preloader.js HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-55d"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js

91.212.166.81

200 OK

24 kB

URL GET HTTP/1.1
cbnotifse.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
24 kB (23977 bytes)
Hash
6baf57f25796c332144ed58a2a0cd9ee
f7fd0f3dc84b2cf93bf81e832505a673f354e0a3
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-13b17"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/jquery-3.6.3.min.js

91.212.166.81

200 OK

31 kB

URL GET HTTP/1.1
cbnotifse.top/jquery-3.6.3.min.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31314 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery-3.6.3.min.js HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-15f5b"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/css2

91.212.166.81

200 OK

2.3 kB

URL GET HTTP/1.1
cbnotifse.top/css2
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
2.3 kB (2324 bytes)
Hash
1528c7401c63126c90757f9d8714a9dd
65c04cb4af4b0abba19c5e70d5d6c56982e38165
fdf95d40ff3774ee38c0c0c5e1463afa4cdd228d42f767648ac8650c31eb2be5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css2 HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/css/style.css
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Length: 2324
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
ETag: "914-616c2887f6713"
Accept-Ranges: bytes

cbnotifse.top/js/all.min.js

91.212.166.81

200 OK

639 kB

URL GET HTTP/1.1
cbnotifse.top/js/all.min.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65317)
Size
639 kB (638728 bytes)
Hash
735c741071f8d6c8ce8b5d50efe5516a
1b67e9bb36ae7104676591491c69c9b767777ab9
8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/all.min.js HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:44 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-1a58e4"
Expires: Sat, 27 Apr 2024 15:51:44 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/img/mob__3.jpg

91.212.166.81

200 OK

22 kB

URL GET HTTP/1.1
cbnotifse.top/img/mob__3.jpg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x332, components 3
Size
22 kB (22064 bytes)
Hash
37a0ad2c7bb1a7de8e7ebe5ff8b2da1b
34e3cc52e6e4666c5510fda77f13be5094a5ae47
3b21feb4f9ab959e58ee729e2f0eea1f08385acacc99742736e29e5abfba3736

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/mob__3.jpg HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/jpeg
Content-Length: 22064
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Connection: keep-alive
ETag: "6627a6c5-5630"
Expires: Sat, 27 Apr 2024 15:51:45 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotifse.top/img/mob__2.jpg

91.212.166.81

200 OK

18 kB

URL GET HTTP/1.1
cbnotifse.top/img/mob__2.jpg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x448, components 3
Size
18 kB (17747 bytes)
Hash
792c8c67f9c4f84ae56876f9d3f8ba80
a4408a2c251fa30373b53d5220df9d254b2e7545
c5e494bc3d150af75465f06e06d69454660007063ce23a3c5ff2e5a2859f7b0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/mob__2.jpg HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/jpeg
Content-Length: 17747
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Connection: keep-alive
ETag: "6627a6c5-4553"
Expires: Sat, 27 Apr 2024 15:51:45 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotifse.top/img/logo.svg

91.212.166.81

200 OK

1.7 kB

URL GET HTTP/1.1
cbnotifse.top/img/logo.svg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1705 bytes)
Hash
78b2915b21e673b15957e22970b36c40
d147dd4dde281e9c200ed77ecb29cdaf0f1377e6
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-ecc"
Expires: Sat, 27 Apr 2024 15:51:45 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/img/call.png

91.212.166.81

200 OK

57 kB

URL GET HTTP/1.1
cbnotifse.top/img/call.png
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
PNG image data, 870 x 872, 8-bit/color RGBA, non-interlaced
Size
57 kB (56823 bytes)
Hash
f746516fd02fd84cd313d29b610e9b9b
23c90c82319793ed2776aefbbe4e7aaa13b22320
608d4f6dd651e478a95fe3404dc74c0353645d0f2c85875b75c9c924dae98ef6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/call.png HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/png
Content-Length: 56823
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Connection: keep-alive
ETag: "6627a6c5-ddf7"
Expires: Sat, 27 Apr 2024 15:51:45 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotifse.top/img/mob__1.jpg

91.212.166.81

200 OK

40 kB

URL GET HTTP/1.1
cbnotifse.top/img/mob__1.jpg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x702, components 3
Size
40 kB (40179 bytes)
Hash
d0a34a7c12e884c7dc43a1db4ac99515
169afd67d135c4bcda1be5b62ece33871788a986
9f509fce9dae72c391880655d759145dcaab83a035bb81a63211a00e502125d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/mob__1.jpg HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/jpeg
Content-Length: 40179
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Connection: keep-alive
ETag: "6627a6c5-9cf3"
Expires: Sat, 27 Apr 2024 15:51:45 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotifse.top/img/atat.png

91.212.166.81

200 OK

2.7 kB

URL GET HTTP/1.1
cbnotifse.top/img/atat.png
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
PNG image data, 58 x 52, 8-bit/color RGBA, non-interlaced
Size
2.7 kB (2659 bytes)
Hash
5f967db6551c47e24074618d3c9f1ea0
332ac1bffa988c4ae2453d20ff37f6fbe4794da3
594c46441011960c6c5f2fd5132929d5c176cde76b3d849ac19ed1023d54d101

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/atat.png HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/png
Content-Length: 2659
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Connection: keep-alive
ETag: "6627a6c5-a63"
Expires: Sat, 27 Apr 2024 15:51:45 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotifse.top/img/prices-btc.svg

91.212.166.81

200 OK

610 B

URL GET HTTP/1.1
cbnotifse.top/img/prices-btc.svg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
SVG Scalable Vector Graphics image
Size
610 B (610 bytes)
Hash
7ceda033b51da32a2bc853ec46f4d493
d559faeff210ab7a6f055c71d84d22a37d1ac32e
59deb77567dd0807d0b82d44e9657173e8a46f8fbcdee65ba8fbe34f0e34e998

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/prices-btc.svg HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6627a6c5-43f"
Expires: Sat, 27 Apr 2024 15:51:45 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotifse.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf

91.212.166.81

200 OK

109 kB

URL GET HTTP/1.1
cbnotifse.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409
Size
109 kB (109228 bytes)
Hash
63e25db7f044dee3ba22084763f59da2
2138b6f2d516d60221ac3e278d7dcd4b59ebc1c6
74418c12ce40fae26196087a2b49a3c78578624b3d31a82cecb13aa0143e5daa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/css2
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: font/ttf
Content-Length: 109228
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
ETag: "1aaac-616c2887f47d3"
Accept-Ranges: bytes

cbnotifse.top/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf

91.212.166.81

200 OK

130 kB

URL GET HTTP/1.1
cbnotifse.top/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt
Size
130 kB (129584 bytes)
Hash
afe8eacfc0903cc0612dc696881f0480
ba879317acdc045b8fa78cb8f948650627d0477c
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/css2
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: font/ttf
Content-Length: 129584
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
ETag: "1fa30-616c2887f3833"
Accept-Ranges: bytes

cbnotifse.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w-.ttf

91.212.166.81

200 OK

109 kB

URL GET HTTP/1.1
cbnotifse.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w-.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409
Size
109 kB (109088 bytes)
Hash
16b9069ddafebf2a329e617eeab54b9c
de43b1e747bbb90c925000960a4c81bb72bbf27f
60f87f3d017520b41fb16f864ec85551fe9070ef26c97d0cca565bc3281f13d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w-.ttf HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/css2
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: font/ttf
Content-Length: 109088
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
ETag: "1aa20-616c2887f5773"
Accept-Ranges: bytes

cbnotifse.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf

91.212.166.81

200 OK

109 kB

URL GET HTTP/1.1
cbnotifse.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409
Size
109 kB (108772 bytes)
Hash
f41566693052bcad977bb13d15a4fbf1
c21ae240501dce61fbbec0d221e792bca0d12e34
387b35044e68ac48ee471ad469976de61e3d0e36120cb09fe7c5101f1f31db62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/css2
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: font/ttf
Content-Length: 108772
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
ETag: "1a8e4-616c2887f5773"
Accept-Ranges: bytes

cbnotifse.top/favicon.ico

91.212.166.81

200 OK

870 B

URL GET HTTP/1.1
cbnotifse.top/favicon.ico
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotifse.top
Fingerprint1E:F5:69:96:AD:37:65:91:8F:BE:AF:1F:BF:84:94:E8:6E:8D:87:AB
ValidityTue, 23 Apr 2024 11:18:17 GMT - Mon, 22 Jul 2024 11:18:16 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
870 B (870 bytes)
Hash
902bacdcf9631d11935484151497a89e
6deea128d9c1ee1f79a24490de4d3975392627f5
d31e282ffb3bb5dd30928d26363a710a61d3909673cfb551f10195517c34e30b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cbnotifse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/newtransfer
Cookie: ofr=a%3A4%3A%7Bs%3A5%3A%22label%22%3Bs%3A3%3A%22sub%22%3Bs%3A3%3A%22usr%22%3Bi%3A250%3Bs%3A4%3A%22nopd%22%3Bs%3A15%3A%22redbitparts.top%22%3Bs%3A1%3A%22o%22%3Bi%3A34%3B%7D; timer0df28519263aaa7a5a5df469635b89a7=1714220202909
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:51:45 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 870
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 12:17:09 GMT
ETag: "366-616c2887f6713"
Accept-Ranges: bytes
Cache-Control: max-age=2592000

fonts.googleapis.com/css?family=Comfortaa&subset=latin,cyrillic

142.250.74.106

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Comfortaa&subset=latin,cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
14 kB (14189 bytes)
Hash
8fbb5dd7ecfa59f1aceab6e15bd7e8f4
ff844b3a0fbc08eda120c17115ce16c7661f4997
0a6c26fe7f8a5529039e685a7adf89edfee5cffd6c09e65610a7c53f67b74658

HTTP Headers

GET /css?family=Comfortaa&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 15:51:43 GMT
date: Fri, 26 Apr 2024 15:51:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megatimer.ru/timer/timer.min.js?v=1

5.188.114.126

200 OK

15 kB

URL GET HTTP/2
megatimer.ru/timer/timer.min.js?v=1
IP
5.188.114.126:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectmegatimer.ru
FingerprintBD:DD:E9:11:7C:35:C4:E6:E9:E7:27:6D:5D:FA:42:B5:E9:EE:02:ED
ValiditySun, 07 Apr 2024 07:13:03 GMT - Sat, 06 Jul 2024 07:13:02 GMT

File type
gzip compressed data, from Unix
Size
15 kB (14642 bytes)
Hash
35664c93fd2f63eca3537162f4c72776
4dca7ce2f20457ca931edb7e1d42492417173e88
9e7b343e1000855e7d3be723a1979ba64ac47c435de4d0ac384e92b49f194a58

HTTP Headers

GET /timer/timer.min.js?v=1 HTTP/1.1
Host: megatimer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 15:51:42 GMT
content-type: application/javascript
last-modified: Fri, 01 May 2020 12:45:46 GMT
vary: Accept-Encoding
etag: W/"5eac19fa-6c37"
expires: Sun, 26 May 2024 15:51:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Russo+One&subset=latin,cyrillic

142.250.74.106

200 OK

1.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Russo+One&subset=latin,cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1048), with no line terminators
Size
1.0 kB (1024 bytes)
Hash
12ae8a829132eff9ee28e2c6bc95facf
5584fdb4b37d661583da802f43ac3a81bed2e35e
4b5b3b575dd77097f22a5de9e634c18526b116fdea4042d0d6e01d26da4663be

HTTP Headers

GET /css?family=Russo+One&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotifse.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 15:51:43 GMT
date: Fri, 26 Apr 2024 15:51:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2

216.58.207.227

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cbnotifse.top/newtransfer
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13620, version 1.0
Size
14 kB (13620 bytes)
Hash
fb9f3b92ba47a506c571a6cdc822ee33
603746b9b81c8687a95e1a5743ddb087c9b71b5a
a60cbbc3a467d154735820b68c3840319e675c0048dd2c10a8561e92263423c7

HTTP Headers

GET /s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cbnotifse.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:40:49 GMT
expires: Fri, 25 Apr 2025 17:40:49 GMT
cache-control: public, max-age=31536000
age: 79854
last-modified: Thu, 24 Aug 2023 20:50:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML