Report - 199.232.214.172/

Report Overview

Visited public
2024-09-02 04:47:22
Tags
URL
199.232.214.172/
Finishing URL
199.232.214.172/
IP / ASN
199.232.214.172
#54113 FASTLY
Title
Fastly error: unknown domain 199.232.214.172

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-31 18:12:11	981 B	2.7 kB	23.36.77.32
199.232.214.172	unknown	unknown	2024-04-15 02:06:24	2024-04-15 02:06:24	727 B	1.1 kB	199.232.214.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-02	medium	199.232.214.172	Sinkholed
2024-09-02	medium	199.232.214.172	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (5)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
404e3e4520c09fcce1358b1a21f6b171
040aa03460f3d7ec6f75cae0bf5a462a4bb9798d
f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7792
Expires: Mon, 02 Sep 2024 06:56:49 GMT
Date: Mon, 02 Sep 2024 04:46:57 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
231aa156f55dd8497dca6a2066312be3
741432c8275492eb38bba5d0841685dc4f864fee
f348affacf8e814c579ff56d592287275dcf79e2f55f1d041921833d730d2349

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F348AFFACF8E814C579FF56D592287275DCF79E2F55F1D041921833D730D2349"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10166
Expires: Mon, 02 Sep 2024 07:36:23 GMT
Date: Mon, 02 Sep 2024 04:46:57 GMT
Connection: keep-alive

199.232.214.172/

199.232.214.172

500 Domain Not Found

271 B

URL User Request GET HTTP/1.1
199.232.214.172/
IP
199.232.214.172:80
ASN
#54113 FASTLY

File type
HTML document, ASCII text
Size
271 B (271 bytes)
Hash
a38c69057a3ddbc375aac9a9da7f54bf
ddb10b76990ed9956aa2986c9691851c47d02388
65fba1eed85e08e10492c422cb9bf31adeb3be94f990cad90cf51eaa96f2d803

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 199.232.214.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Domain Not Found
Connection: keep-alive
Content-Length: 271
Server: Varnish
Retry-After: 0
content-type: text/html
Cache-Control: private, no-cache
X-Served-By: cache-hel1410034-HEL
Accept-Ranges: bytes
Date: Mon, 02 Sep 2024 04:46:57 GMT
Via: 1.1 varnish

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4a4558475f4cf98bb3e50c28fa9bb507
cb6f501d6e6530d3862a5185a44b4cb2afdbbd3e
0f9071190d9540a4b9b61adc368010f73de32acfb6e478fcb6188cd42566e491

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0F9071190D9540A4B9B61ADC368010F73DE32ACFB6E478FCB6188CD42566E491"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9398
Expires: Mon, 02 Sep 2024 07:23:36 GMT
Date: Mon, 02 Sep 2024 04:46:58 GMT
Connection: keep-alive

199.232.214.172/favicon.ico

199.232.214.172

500 Domain Not Found

271 B

URL GET HTTP/1.1
199.232.214.172/favicon.ico
IP
199.232.214.172:80
ASN
#54113 FASTLY

Requested by
http://199.232.214.172/

File type
HTML document, ASCII text
Size
271 B (271 bytes)
Hash
a38c69057a3ddbc375aac9a9da7f54bf
ddb10b76990ed9956aa2986c9691851c47d02388
65fba1eed85e08e10492c422cb9bf31adeb3be94f990cad90cf51eaa96f2d803

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 199.232.214.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://199.232.214.172/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Domain Not Found
Connection: keep-alive
Content-Length: 271
Server: Varnish
Retry-After: 0
content-type: text/html
Cache-Control: private, no-cache
X-Served-By: cache-hel1410034-HEL
Accept-Ranges: bytes
Date: Mon, 02 Sep 2024 04:46:58 GMT
Via: 1.1 varnish

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (5)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers