Report - cbnotif.top/newtransfer

Report Overview

Submitted URL
cbnotif.top/newtransfer
IP
91.212.166.81
ASN
#198953 Proton66 OOO
Submitted
2024-04-16 06:02:33
Access
public
Website Title
Payout
Final URL
cbnotif.top/newtransfer
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	539 B	14 kB	216.58.207.227
cbnotif.top	unknown	2024-03-08	2024-03-08	2024-04-16	9.7 kB	1.3 MB	91.212.166.81
megatimer.ru	456708	2015-01-07	2015-02-16	2024-03-20	405 B	8.9 kB	5.188.114.126
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	896 B	3.3 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-15	medium	cbnotif.top/newtransfer	Coinbase

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed
2024-04-16	medium	cbnotif.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	cbnotif.top/js/redirect.js	2.1 kB	2024-04-16	2024-04-26
Pretty URL cbnotif.top/js/redirect.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:02:35 Last Seen2024-04-26 17:52:14 Times Seen6 Hash 9065021c16fb6bb65532e9ea0fb2b867 edb278672f2c992a4e3ee6c608eacfc771be52c1 5d1bc01fdd15fcc10491b74158e438e260db47d027b6b7bbe0464f103c324197 Loading...

	cbnotif.top/js/all.min.js	1.7 MB	2023-03-07	2024-04-28
Pretty URL cbnotif.top/js/all.min.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:07 Last Seen2024-04-28 08:00:02 Times Seen160 Hash 735c741071f8d6c8ce8b5d50efe5516a 1b67e9bb36ae7104676591491c69c9b767777ab9 8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785 Loading...

	cbnotif.top/jquery-3.6.3.min.js	90 kB	2023-03-10	2024-04-29
Pretty URL cbnotif.top/jquery-3.6.3.min.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-04-29 19:00:52 Times Seen17512 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	cbnotif.top/get/0df28519263aaa7a5a5df469635b89a7.js	1.4 kB	2024-02-25	2024-04-26
Pretty URL cbnotif.top/get/0df28519263aaa7a5a5df469635b89a7.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 23:53:45 Last Seen2024-04-26 17:52:14 Times Seen9 Hash 83985fc8596c67a9d99934b60dbdfe35 8e4554b43b13b1a0f6e47241ca4e13c06943fb2d 91367450ef904bd9282654a67327eabbdb911d4492ac433cdbe702d28a09126e Loading...

	cbnotif.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js	81 kB	2023-09-18	2024-04-29
Pretty URL cbnotif.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-18 01:21:14 Last Seen2024-04-29 09:28:25 Times Seen2763 Hash 6baf57f25796c332144ed58a2a0cd9ee f7fd0f3dc84b2cf93bf81e832505a673f354e0a3 82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd Loading...

	cbnotif.top/js/preloader.js	1.4 kB	2024-02-25	2024-04-26
Pretty URL cbnotif.top/js/preloader.js IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 23:53:46 Last Seen2024-04-26 17:52:14 Times Seen12 Hash f030b413e06574186bc82239f3a943fb efe9a731ab833bd4e81b7041dd8a567de874a0a1 7a84ef5ab2e4de14e0b82930ca0b9670ced6a7b5c80ca738855e647588e12349 Loading...

	megatimer.ru/timer/timer.min.js?v=1	28 kB	2023-04-08	2024-04-26
Pretty URL megatimer.ru/timer/timer.min.js?v=1 IP 5.188.114.126 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-08 15:23:12 Last Seen2024-04-26 17:52:14 Times Seen47 Hash e0bc0b6e2539b2d7efa67c5d4e6526ed 52e0a895e134a3039e27399063c22e1b6de655ef 3dfa46470f083a0dee87814ff57a54a72e98d1e2735ca1774dd487e3824d128f Loading...

	cbnotif.top/newtransfer	0 B	2023-03-07	2024-04-29
Pretty URL cbnotif.top/newtransfer IP 91.212.166.81 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 23:40:57 Times Seen37192574 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - e9bc11f76082d5a02cc590eb13fce0c0	91 B	2024-02-25	2024-04-26
Pretty Observations First Seen2024-02-25 23:53:46 Last Seen2024-04-26 17:52:14 Times Seen6 Hash e9bc11f76082d5a02cc590eb13fce0c0 29ef9452391e24e282b48a83dd851b95b8ab6f39 8976ebb2ffc662b635472b385e7234edde771bfea9dbc3980a3c23479f7fe03e Loading...

HTTP Transactions (26)

URL IP Response Size

cbnotif.top/newtransfer

91.212.166.81

200 OK

2.5 kB

URL User Request GET HTTP/1.1
cbnotif.top/newtransfer
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.5 kB (2503 bytes)
Hash
4a7ba6dac9647bea3ecc18e6554a4013
0c578099f25e81f561c8f00452a3548d06400a59
86a0c2e592073ecc7f391330d29a1af6f6f2380971a1b25fc2505f12bbd4a764

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtransfer HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

cbnotif.top/js/redirect.js

91.212.166.81

200 OK

762 B

URL GET HTTP/1.1
cbnotif.top/js/redirect.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
ASCII text
Size
762 B (762 bytes)
Hash
9065021c16fb6bb65532e9ea0fb2b867
edb278672f2c992a4e3ee6c608eacfc771be52c1
5d1bc01fdd15fcc10491b74158e438e260db47d027b6b7bbe0464f103c324197

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/redirect.js HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-843"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js

91.212.166.81

200 OK

24 kB

URL GET HTTP/1.1
cbnotif.top/npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
24 kB (23977 bytes)
Hash
6baf57f25796c332144ed58a2a0cd9ee
f7fd0f3dc84b2cf93bf81e832505a673f354e0a3
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /npm/bootstrap%405.3.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-13b17"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/js/preloader.js

91.212.166.81

200 OK

532 B

URL GET HTTP/1.1
cbnotif.top/js/preloader.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
532 B (532 bytes)
Hash
f030b413e06574186bc82239f3a943fb
efe9a731ab833bd4e81b7041dd8a567de874a0a1
7a84ef5ab2e4de14e0b82930ca0b9670ced6a7b5c80ca738855e647588e12349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/preloader.js HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-55d"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/get/0df28519263aaa7a5a5df469635b89a7.js

91.212.166.81

200 OK

758 B

URL GET HTTP/1.1
cbnotif.top/get/0df28519263aaa7a5a5df469635b89a7.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (1415), with no line terminators
Size
758 B (758 bytes)
Hash
83985fc8596c67a9d99934b60dbdfe35
8e4554b43b13b1a0f6e47241ca4e13c06943fb2d
91367450ef904bd9282654a67327eabbdb911d4492ac433cdbe702d28a09126e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /get/0df28519263aaa7a5a5df469635b89a7.js HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-587"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/js/all.min.js

91.212.166.81

200 OK

639 kB

URL GET HTTP/1.1
cbnotif.top/js/all.min.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65317)
Size
639 kB (638728 bytes)
Hash
735c741071f8d6c8ce8b5d50efe5516a
1b67e9bb36ae7104676591491c69c9b767777ab9
8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/all.min.js HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-1a58e4"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/css/style.css

91.212.166.81

200 OK

8.0 kB

URL GET HTTP/1.1
cbnotif.top/css/style.css
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
ASCII text
Size
8.0 kB (8015 bytes)
Hash
155159eac4e34f0c0e07efd45bb83843
9640541fb7ec362ab5961b5a09b1689f4aecdb28
9c5057e5b5b7178a094ce97056dc5934a1a3f77bdc1b7e1d7dcdffae6bb66e73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: text/css
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-14c11"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/npm/bootstrap%405.3.2/dist/css/bootstrap.min.css

91.212.166.81

200 OK

32 kB

URL GET HTTP/1.1
cbnotif.top/npm/bootstrap%405.3.2/dist/css/bootstrap.min.css
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
Unicode text, UTF-8 text, with very long lines (65342)
Size
32 kB (31839 bytes)
Hash
cd822b7fd22c8a95a68470c795adea69
1f139981b9b47a766efa0a61bb78ada351f16c4b
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /npm/bootstrap%405.3.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: text/css
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-38df4"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/jquery-3.6.3.min.js

91.212.166.81

200 OK

31 kB

URL GET HTTP/1.1
cbnotif.top/jquery-3.6.3.min.js
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31314 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery-3.6.3.min.js HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-15f5b"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/css2

91.212.166.81

200 OK

2.3 kB

URL GET HTTP/1.1
cbnotif.top/css2
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
2.3 kB (2324 bytes)
Hash
1528c7401c63126c90757f9d8714a9dd
65c04cb4af4b0abba19c5e70d5d6c56982e38165
fdf95d40ff3774ee38c0c0c5e1463afa4cdd228d42f767648ac8650c31eb2be5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css2 HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Length: 2324
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
ETag: "914-6131cec344774"
Accept-Ranges: bytes

cbnotif.top/img/mob__2.jpg

91.212.166.81

200 OK

18 kB

URL GET HTTP/1.1
cbnotif.top/img/mob__2.jpg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x448, components 3
Size
18 kB (17747 bytes)
Hash
792c8c67f9c4f84ae56876f9d3f8ba80
a4408a2c251fa30373b53d5220df9d254b2e7545
c5e494bc3d150af75465f06e06d69454660007063ce23a3c5ff2e5a2859f7b0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/mob__2.jpg HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/jpeg
Content-Length: 17747
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Connection: keep-alive
ETag: "65ea7763-4553"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotif.top/img/atat.png

91.212.166.81

200 OK

2.7 kB

URL GET HTTP/1.1
cbnotif.top/img/atat.png
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
PNG image data, 58 x 52, 8-bit/color RGBA, non-interlaced
Size
2.7 kB (2659 bytes)
Hash
5f967db6551c47e24074618d3c9f1ea0
332ac1bffa988c4ae2453d20ff37f6fbe4794da3
594c46441011960c6c5f2fd5132929d5c176cde76b3d849ac19ed1023d54d101

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/atat.png HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/png
Content-Length: 2659
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Connection: keep-alive
ETag: "65ea7763-a63"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotif.top/img/prices-btc.svg

91.212.166.81

200 OK

610 B

URL GET HTTP/1.1
cbnotif.top/img/prices-btc.svg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
SVG Scalable Vector Graphics image
Size
610 B (610 bytes)
Hash
7ceda033b51da32a2bc853ec46f4d493
d559faeff210ab7a6f055c71d84d22a37d1ac32e
59deb77567dd0807d0b82d44e9657173e8a46f8fbcdee65ba8fbe34f0e34e998

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/prices-btc.svg HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/svg+xml
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-43f"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/img/logo.svg

91.212.166.81

200 OK

1.7 kB

URL GET HTTP/1.1
cbnotif.top/img/logo.svg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1705 bytes)
Hash
78b2915b21e673b15957e22970b36c40
d147dd4dde281e9c200ed77ecb29cdaf0f1377e6
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/svg+xml
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65ea7763-ecc"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

cbnotif.top/img/call.png

91.212.166.81

200 OK

57 kB

URL GET HTTP/1.1
cbnotif.top/img/call.png
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
PNG image data, 870 x 872, 8-bit/color RGBA, non-interlaced
Size
57 kB (56823 bytes)
Hash
f746516fd02fd84cd313d29b610e9b9b
23c90c82319793ed2776aefbbe4e7aaa13b22320
608d4f6dd651e478a95fe3404dc74c0353645d0f2c85875b75c9c924dae98ef6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/call.png HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/png
Content-Length: 56823
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Connection: keep-alive
ETag: "65ea7763-ddf7"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotif.top/img/mob__3.jpg

91.212.166.81

200 OK

22 kB

URL GET HTTP/1.1
cbnotif.top/img/mob__3.jpg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x332, components 3
Size
22 kB (22064 bytes)
Hash
37a0ad2c7bb1a7de8e7ebe5ff8b2da1b
34e3cc52e6e4666c5510fda77f13be5094a5ae47
3b21feb4f9ab959e58ee729e2f0eea1f08385acacc99742736e29e5abfba3736

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/mob__3.jpg HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/jpeg
Content-Length: 22064
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Connection: keep-alive
ETag: "65ea7763-5630"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotif.top/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf

91.212.166.81

200 OK

130 kB

URL GET HTTP/1.1
cbnotif.top/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt
Size
130 kB (129584 bytes)
Hash
afe8eacfc0903cc0612dc696881f0480
ba879317acdc045b8fa78cb8f948650627d0477c
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/css2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: font/ttf
Content-Length: 129584
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
ETag: "1fa30-6131cec342834"
Accept-Ranges: bytes

cbnotif.top/img/mob__1.jpg

91.212.166.81

200 OK

40 kB

URL GET HTTP/1.1
cbnotif.top/img/mob__1.jpg
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x702, components 3
Size
40 kB (40179 bytes)
Hash
d0a34a7c12e884c7dc43a1db4ac99515
169afd67d135c4bcda1be5b62ece33871788a986
9f509fce9dae72c391880655d759145dcaab83a035bb81a63211a00e502125d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/mob__1.jpg HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/jpeg
Content-Length: 40179
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
Connection: keep-alive
ETag: "65ea7763-9cf3"
Expires: Wed, 17 Apr 2024 06:02:09 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

cbnotif.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf

91.212.166.81

200 OK

109 kB

URL GET HTTP/1.1
cbnotif.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409
Size
109 kB (109228 bytes)
Hash
63e25db7f044dee3ba22084763f59da2
2138b6f2d516d60221ac3e278d7dcd4b59ebc1c6
74418c12ce40fae26196087a2b49a3c78578624b3d31a82cecb13aa0143e5daa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/css2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: font/ttf
Content-Length: 109228
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
ETag: "1aaac-6131cec342834"
Accept-Ranges: bytes

cbnotif.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w-.ttf

91.212.166.81

200 OK

109 kB

URL GET HTTP/1.1
cbnotif.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w-.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409
Size
109 kB (109088 bytes)
Hash
16b9069ddafebf2a329e617eeab54b9c
de43b1e747bbb90c925000960a4c81bb72bbf27f
60f87f3d017520b41fb16f864ec85551fe9070ef26c97d0cca565bc3281f13d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w-.ttf HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/css2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: font/ttf
Content-Length: 109088
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
ETag: "1aa20-6131cec3437d4"
Accept-Ranges: bytes

cbnotif.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf

91.212.166.81

200 OK

109 kB

URL GET HTTP/1.1
cbnotif.top/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409
Size
109 kB (108772 bytes)
Hash
f41566693052bcad977bb13d15a4fbf1
c21ae240501dce61fbbec0d221e792bca0d12e34
387b35044e68ac48ee471ad469976de61e3d0e36120cb09fe7c5101f1f31db62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/css2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: font/ttf
Content-Length: 108772
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
ETag: "1a8e4-6131cec3437d4"
Accept-Ranges: bytes

megatimer.ru/timer/timer.min.js?v=1

5.188.114.126

200 OK

8.6 kB

URL GET HTTP/2
megatimer.ru/timer/timer.min.js?v=1
IP
5.188.114.126:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectmegatimer.ru
FingerprintBD:DD:E9:11:7C:35:C4:E6:E9:E7:27:6D:5D:FA:42:B5:E9:EE:02:ED
ValiditySun, 07 Apr 2024 07:13:03 GMT - Sat, 06 Jul 2024 07:13:02 GMT

File type
gzip compressed data, from Unix
Size
8.6 kB (8619 bytes)
Hash
1d2d9173446f73ab73f53a9435d274fb
5762085aba769cecdceb9aa2d5ddcdb0c49b5827
6b3887aee6bd1f42c4c86821ed3038ca5f1d54c98e14dd41b74a6b2a210bd839

HTTP Headers

GET /timer/timer.min.js?v=1 HTTP/1.1
Host: megatimer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 06:02:07 GMT
content-type: application/javascript
last-modified: Fri, 01 May 2020 12:45:46 GMT
vary: Accept-Encoding
etag: W/"5eac19fa-6c37"
expires: Thu, 16 May 2024 06:02:07 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Comfortaa&subset=latin,cyrillic

142.250.74.74

200 OK

1.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Comfortaa&subset=latin,cyrillic
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
1.0 kB (1041 bytes)
Hash
6b6207e1ed8f221cabcbafa2bbd5a4c8
199c3a9e286dfea263a9b478994e725f681963d4
edbba3ae3008472376c303900f7836a49a247c3b805198383e242bfe43654a37

HTTP Headers

GET /css?family=Comfortaa&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 06:02:07 GMT
date: Tue, 16 Apr 2024 06:02:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2

216.58.207.227

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13620, version 1.0
Size
14 kB (13620 bytes)
Hash
fb9f3b92ba47a506c571a6cdc822ee33
603746b9b81c8687a95e1a5743ddb087c9b71b5a
a60cbbc3a467d154735820b68c3840319e675c0048dd2c10a8561e92263423c7

HTTP Headers

GET /s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cbnotif.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:40:24 GMT
expires: Fri, 11 Apr 2025 17:40:24 GMT
cache-control: public, max-age=31536000
age: 390103
last-modified: Thu, 24 Aug 2023 20:50:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Russo+One&subset=latin,cyrillic

142.250.74.74

200 OK

1.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Russo+One&subset=latin,cyrillic
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1048), with no line terminators
Size
1.0 kB (1024 bytes)
Hash
12ae8a829132eff9ee28e2c6bc95facf
5584fdb4b37d661583da802f43ac3a81bed2e35e
4b5b3b575dd77097f22a5de9e634c18526b116fdea4042d0d6e01d26da4663be

HTTP Headers

GET /css?family=Russo+One&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 06:02:07 GMT
date: Tue, 16 Apr 2024 06:02:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cbnotif.top/favicon.ico

91.212.166.81

200 OK

870 B

URL GET HTTP/1.1
cbnotif.top/favicon.ico
IP
91.212.166.81:443
ASN
#198953 Proton66 OOO

Requested by
https://cbnotif.top/newtransfer
Certificate
IssuerLet's Encrypt
Subjectcbnotif.top
FingerprintF1:8A:76:90:24:3D:AF:8B:30:E0:77:35:FF:42:54:38:3A:2E:B7:00
ValidityFri, 08 Mar 2024 01:30:17 GMT - Thu, 06 Jun 2024 01:30:16 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
870 B (870 bytes)
Hash
902bacdcf9631d11935484151497a89e
6deea128d9c1ee1f79a24490de4d3975392627f5
d31e282ffb3bb5dd30928d26363a710a61d3909673cfb551f10195517c34e30b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cbnotif.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cbnotif.top/newtransfer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 06:02:09 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 870
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 02:26:43 GMT
ETag: "366-6131cec344774"
Accept-Ranges: bytes
Cache-Control: max-age=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML