Report - 3ygdt.pages.dev/

Report Overview

Visitedpublic

2024-08-19 20:50:07

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Sent	Received	IP
r10.o.lencr.org	unknown	981 B	2.7 kB	23.36.76.226
r11.o.lencr.org	unknown	981 B	2.7 kB	23.36.77.32
3ygdt.pages.dev	unknown	1.8 kB	36 kB	172.66.46.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	3ygdt.pages.dev/	ScriptElement	0 B	0001-01-01	2025-08-05
URL 3ygdt.pages.dev/ IP / ASN 172.66.46.245 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 0001-01-01 Last Seen 2025-08-05 Times Seen 5676122 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

	3ygdt.pages.dev/	ScriptElement	393 B	2023-04-05	2025-03-02
URL 3ygdt.pages.dev/ IP / ASN 172.66.46.245 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-04-05 Last Seen 2025-03-02 Times Seen 143291 Size 393 B (393 bytes) MD5 34ad0a116707d3b794129a6720af92d7 SHA1 424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4 SHA256 d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262 Format Code Loading...

	3ygdt.pages.dev/	ScriptElement	0 B	0001-01-01	2025-08-05
URL 3ygdt.pages.dev/ IP / ASN 172.66.46.245 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 0001-01-01 Last Seen 2025-08-05 Times Seen 5676122 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

HTTP Transactions (10)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-21

Times Seen14380

Size504 B (504 bytes)

MD5845d79542d05f08c933181b3750ce01b

SHA10220d4237c8891f2c270be589e23d0036c397d62

SHA2564689a75cc3d66fe81d22664238a8bf82f2c96f28f52752eaf39f5d4aee4b3f51

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4689A75CC3D66FE81D22664238A8BF82F2C96F28F52752EAF39F5D4AEE4B3F51"
Last-Modified: Sun, 18 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2259
Expires: Mon, 19 Aug 2024 21:27:20 GMT
Date: Mon, 19 Aug 2024 20:49:41 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-22

Times Seen40825

Size504 B (504 bytes)

MD550a89b39234eb6cc4eda70d7e27be17f

SHA1306340eb26b6817fd8851a085563a88eed7e2b6b

SHA256eaabd011ed0722deeee97e566b8318b17d8e993d31db4c2cc31cf0e3cd8191f5

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EAABD011ED0722DEEEE97E566B8318B17D8E993D31DB4C2CC31CF0E3CD8191F5"
Last-Modified: Mon, 19 Aug 2024 12:55:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8317
Expires: Mon, 19 Aug 2024 23:08:18 GMT
Date: Mon, 19 Aug 2024 20:49:41 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-17

Last Seen2024-08-21

Times Seen37163

Size504 B (504 bytes)

MD569a9603269726ce602d708bf57058c4c

SHA18689e9ea81ea9636e7b08c3ed42650553a0c4e3b

SHA2561a2339d740b715f3df1900d80114c8376ead57205961a6f896edf37b3ee3a897

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A2339D740B715F3DF1900D80114C8376EAD57205961A6F896EDF37B3EE3A897"
Last-Modified: Sat, 17 Aug 2024 09:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13752
Expires: Tue, 20 Aug 2024 00:38:54 GMT
Date: Mon, 19 Aug 2024 20:49:42 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen40508

Size504 B (504 bytes)

MD518f75729f3e25e2eb7f12b70dfce3849

SHA1479177b92dda7c4e8763c80a15cbc71c3386d06c

SHA2560b7da2da1fcba23c5118479e14828f87a605a32af15d0962f216115a9ff1d02a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B7DA2DA1FCBA23C5118479E14828F87A605A32AF15D0962F216115A9FF1D02A"
Last-Modified: Sun, 18 Aug 2024 15:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11814
Expires: Tue, 20 Aug 2024 00:06:36 GMT
Date: Mon, 19 Aug 2024 20:49:42 GMT
Connection: keep-alive

GET 3ygdt.pages.dev/cdn-cgi/styles/cf.errors.css

172.66.46.245

200 OK

5.0 kB

URL GET HTTPS

3ygdt.pages.dev/cdn-cgi/styles/cf.errors.css

IP / ASN

172.66.46.245

#13335 CLOUDFLARENET

Requested byhttps://3ygdt.pages.dev/

Resource Info

File typegzip compressed data, from Unix

First Seen2024-04-15

Last Seen2025-02-27

Times Seen5174

Size5.0 kB (4967 bytes)

MD5718aaf0ef86a42f97f655e1c26e3cebf

SHA140f4f6e39d6cdc2281d69961709dc920fc4260ab

SHA2567209a90e0ee1ecd19c1c59990640de53c93186bca91ba44df562a8ad1aa53aed

Certificate Info

IssuerGoogle Trust Services

Subject3ygdt.pages.dev

FingerprintF6:9E:77:15:A3:1D:D4:3B:03:8B:6F:1A:99:0F:BD:9D:C9:EC:10:D0

ValiditySat, 06 Jul 2024 20:15:46 GMT - Fri, 04 Oct 2024 20:15:45 GMT

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: 3ygdt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3ygdt.pages.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Aug 2024 20:49:42 GMT
content-type: text/css
last-modified: Tue, 13 Aug 2024 15:08:45 GMT
etag: W/"66bb76fd-5df3"
server: cloudflare
cf-ray: 8b5d0303189e56be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 19 Aug 2024 22:49:42 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen37247

Size504 B (504 bytes)

MD57944981bcac427aa8d0aa016ec63764d

SHA148bf925b10dc02afa8f597af8d26f5bf5efc0b7e

SHA25626bde594c33cd3386f4e65e3eaf0fc048fca46ed4a185f5c2aa70e8deeaffb0a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "26BDE594C33CD3386F4E65E3EAF0FC048FCA46ED4A185F5C2AA70E8DEEAFFB0A"
Last-Modified: Sat, 17 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3075
Expires: Mon, 19 Aug 2024 21:40:59 GMT
Date: Mon, 19 Aug 2024 20:49:44 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen37247

Size504 B (504 bytes)

MD57944981bcac427aa8d0aa016ec63764d

SHA148bf925b10dc02afa8f597af8d26f5bf5efc0b7e

SHA25626bde594c33cd3386f4e65e3eaf0fc048fca46ed4a185f5c2aa70e8deeaffb0a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "26BDE594C33CD3386F4E65E3EAF0FC048FCA46ED4A185F5C2AA70E8DEEAFFB0A"
Last-Modified: Sat, 17 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3075
Expires: Mon, 19 Aug 2024 21:40:59 GMT
Date: Mon, 19 Aug 2024 20:49:44 GMT
Connection: keep-alive

GET 3ygdt.pages.dev/

172.66.46.245

200 OK

11 kB

URL User Request GET HTTPS

3ygdt.pages.dev/

IP / ASN

172.66.46.245

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typegzip compressed data, from Unix

First Seen2024-08-21

Last Seen2024-08-21

Times Seen1

Size11 kB (10911 bytes)

MD5d9cd3ece3d711edb9b04a72c25983be1

SHA1019e0a26eaaa546ee81a28f13fc128e821ee180d

SHA256cc0ce45b38acf62816142b12789143a7d6d84c8b8d046b6b6e470a86d8d212c7

Certificate Info

IssuerGoogle Trust Services

Subject3ygdt.pages.dev

FingerprintF6:9E:77:15:A3:1D:D4:3B:03:8B:6F:1A:99:0F:BD:9D:C9:EC:10:D0

ValiditySat, 06 Jul 2024 20:15:46 GMT - Fri, 04 Oct 2024 20:15:45 GMT

HTTP Headers

GET / HTTP/1.1
Host: 3ygdt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 19 Aug 2024 20:49:42 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMcgmkDE0wSbLnzASCEfSb8Z%2BitMDDxbeFN4UUDjbSiyUOFBmZyD7be%2B7rwwS7umjWmZr56QSkwgN8%2F%2B1KelHy6lj2bYAgR8XHcw5dMFYllw%2B3PXVDmgbQixPdK7Pf2hh%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b5d03009d6056be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET 3ygdt.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

172.66.46.245

200 OK

452 B

URL GET HTTPS

3ygdt.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

IP / ASN

172.66.46.245

#13335 CLOUDFLARENET

Requested byhttps://3ygdt.pages.dev/

Resource Info

File typePNG image data, 54 x 54, 8-bit colormap, non-interlaced

First Seen2023-04-12

Last Seen2025-08-05

Times Seen201421

Size452 B (452 bytes)

MD5c33de66281e933259772399d10a6afe8

SHA1b9f9d500f8814381451011d4dcf59cd2d90ad94f

SHA256f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Certificate Info

IssuerGoogle Trust Services

Subject3ygdt.pages.dev

FingerprintF6:9E:77:15:A3:1D:D4:3B:03:8B:6F:1A:99:0F:BD:9D:C9:EC:10:D0

ValiditySat, 06 Jul 2024 20:15:46 GMT - Fri, 04 Oct 2024 20:15:45 GMT

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: 3ygdt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3ygdt.pages.dev/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 19 Aug 2024 20:49:42 GMT
content-type: image/png
content-length: 452
last-modified: Tue, 13 Aug 2024 15:08:45 GMT
etag: "66bb76fd-1c4"
server: cloudflare
cf-ray: 8b5d0303590856be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 19 Aug 2024 22:49:42 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 3ygdt.pages.dev/favicon.ico

172.66.46.245

200 OK

18 kB

URL GET HTTPS

3ygdt.pages.dev/favicon.ico

IP / ASN

172.66.46.245

#13335 CLOUDFLARENET

Requested byhttps://3ygdt.pages.dev/

Resource Info

File typeMS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-04-17

Last Seen2025-08-05

Times Seen11840

Size18 kB (17542 bytes)

MD5ca6619b86c2f6e6068b69ba3aaddb7e4

SHA1c44a1bb9d14385334eb851fbb0afb19d961c1ee7

SHA25617d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09

Certificate Info

IssuerGoogle Trust Services

Subject3ygdt.pages.dev

FingerprintF6:9E:77:15:A3:1D:D4:3B:03:8B:6F:1A:99:0F:BD:9D:C9:EC:10:D0

ValiditySat, 06 Jul 2024 20:15:46 GMT - Fri, 04 Oct 2024 20:15:45 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 3ygdt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3ygdt.pages.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 19 Aug 2024 20:49:43 GMT
content-type: image/x-icon
cf-ray: 8b5d0303994d56be-OSL
cf-cache-status: MISS
etag: W/"4486-490c87c5a6340"
last-modified: Tue, 21 Sep 2010 17:37:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bg89QNXLAGDBATvbsFP7yhgaUDy-jGMadqjNZRWeYRlWAlOi6_Pz5Q==
x-amz-cf-pop: OSL50-C1
x-amz-rid: 5V13F4V6QSVJ7FW3D1PR
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqrzqxTdTqNW%2FVKIHDDvYt%2FwlPSFmzr%2FmkYCHkAARpHBkorYpR6PMQgH1wb87smY6%2FcdlXTpO2b4LuOIotV8C5yLSfezhuDGTMbhtLetSmWcgsbH9cfJc4OiqE1ylIdKNCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2