11012705-next.work.gd/?pgviolationid=5dd0cd6760a92aeaba9d29b5aa
149.28.152.61 200 OK 775 B URL User Request GET HTTP/1.1 11012705-next.work.gd/?pgviolationid=5dd0cd6760a92aeaba9d29b5aa
IP 149.28.152.61:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f159910654755dbc9a34299ca5d18e9b
fc15aa4e0922c0440a219ef51ec9e0c344ce1c62
73a2e06f2232794dc80abd088e714e34209ec970c11741f17627b26f443f61d4
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.work .gd Domain
GET /?pgviolationid=5dd0cd6760a92aeaba9d29b5aa HTTP/1.1
Host: 11012705-next.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Fri, 02 Jun 2023 00:06:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?q=1685664402
151.101.193.229 200 OK 25 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?q=1685664402
IP 151.101.193.229:443
Requested by http://11012705-next.work.gd/?pgviolationid=5dd0cd6760a92aeaba9d29b5aa
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Validity Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?q=1685664402 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://11012705-next.work.gd
DNT: 1
Connection: keep-alive
Referer: http://11012705-next.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:06:43 GMT
age: 6779219
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2
11012705-next.work.gd/favicon.ico
149.28.152.61 404 Not Found 801 B URL GET HTTP/1.1 11012705-next.work.gd/favicon.ico
IP 149.28.152.61:80
Requested by http://11012705-next.work.gd/?pgviolationid=5dd0cd6760a92aeaba9d29b5aa
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e73a95b9f687eb17713304fe3bc3876c
85f725e8533409e3d985d8e11c190b9bb6c76662
86bbdaf85965d26e0ca58a12abf61e2f946f56f62745e93efaa33115e705dc93
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.work .gd Domain
GET /favicon.ico HTTP/1.1
Host: 11012705-next.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://11012705-next.work.gd/?pgviolationid=5dd0cd6760a92aeaba9d29b5aa
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.14.2
Date: Fri, 02 Jun 2023 00:06:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"64540b68-5b1"
Content-Encoding: gzip