urlquery - report: www.lazarus.team/ertr/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP	Comment
www.lazarus.team (2)	0	2023-04-27 08:59:35	2023-05-24 21:08:07	744	817	81.169.145.163

Fully Qualifying Domain Name

Rank

First Seen

Last Seen

Sent bytes

Received bytes

Comment

www.lazarus.team (2)

2023-04-27 08:59:35

2023-05-24 21:08:07

744

817

81.169.145.163

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-24 19:08:10 UTC	medium	81.169.145.163	Client IP	ET INFO TLS Handshake Failure

Timestamp

Severity

Source IP

Destination IP

Alert

2023-05-24 19:08:10 UTC

medium

81.169.145.163

Client IP

ET INFO TLS Handshake Failure

Date	UQ / IDS / BL	URL	IP
2023-06-04 13:04:09 UTC	0 - 2 - 0	nightdriv3r.de	81.169.145.163
2023-06-04 07:16:45 UTC	0 - 2 - 0	www.a-o-m-m.gmbh/	81.169.145.163
2023-06-04 07:16:42 UTC	0 - 2 - 0	a-o-m-m.gmbh/	81.169.145.163
2023-05-30 20:56:39 UTC	0 - 4 - 0	www.bambaiag.com/	81.169.145.163
2023-05-29 07:07:32 UTC	0 - 2 - 0	www.masuta.info/	81.169.145.163

Date

UQ / IDS / BL

URL

2023-06-04 13:04:09 UTC

0 - 2 - 0

nightdriv3r.de

81.169.145.163

2023-06-04 07:16:45 UTC

0 - 2 - 0

www.a-o-m-m.gmbh/

81.169.145.163

2023-06-04 07:16:42 UTC

0 - 2 - 0

a-o-m-m.gmbh/

81.169.145.163

2023-05-30 20:56:39 UTC

0 - 4 - 0

www.bambaiag.com/

81.169.145.163

2023-05-29 07:07:32 UTC

0 - 2 - 0

www.masuta.info/

81.169.145.163

Date	UQ / IDS / BL	URL	IP
2023-06-06 05:08:44 UTC	0 - 1 - 0	geraldfiebig.net/	81.169.145.94
2023-06-06 04:47:58 UTC	0 - 1 - 0	urbitas.es/misc/goodinfpfirmanhf.exe	193.141.3.65
2023-06-06 04:40:42 UTC	0 - 2 - 0	0049.media/	81.169.145.80
2023-06-06 04:23:26 UTC	0 - 1 - 0	yuen.de/UPS-Invoice-for-downloads-919/	81.169.145.92
2023-06-06 04:05:49 UTC	0 - 2 - 0	pbmm.de/uz2v607s.exe	81.169.145.88

Date

UQ / IDS / BL

URL

2023-06-06 05:08:44 UTC

0 - 1 - 0

geraldfiebig.net/

81.169.145.94

2023-06-06 04:47:58 UTC

0 - 1 - 0

urbitas.es/misc/goodinfpfirmanhf.exe

193.141.3.65

2023-06-06 04:40:42 UTC

0 - 2 - 0

0049.media/

81.169.145.80

2023-06-06 04:23:26 UTC

0 - 1 - 0

yuen.de/UPS-Invoice-for-downloads-919/

81.169.145.92

2023-06-06 04:05:49 UTC

0 - 2 - 0

pbmm.de/uz2v607s.exe

81.169.145.88

Date	UQ / IDS / BL	URL	IP
2023-05-24 19:08:28 UTC	0 - 1 - 0	www.lazarus.team/ertr/	81.169.145.163

Date

UQ / IDS / BL

URL

2023-05-24 19:08:28 UTC

0 - 1 - 0

www.lazarus.team/ertr/

81.169.145.163

Date	UQ / IDS / BL	URL	IP
2023-06-06 04:23:26 UTC	0 - 1 - 0	yuen.de/UPS-Invoice-for-downloads-919/	81.169.145.92
2023-06-06 04:22:55 UTC	0 - 1 - 2	212.83.186.136/setup-15.exe	212.83.186.136
2023-06-06 04:22:25 UTC	0 - 1 - 0	hansworst.xyz/Flappy%20Hans.exe	103.224.182.210
2023-06-06 04:14:09 UTC	0 - 6 - 0	cdd.net.ua/apothecary/login.php?action=proces (...)	89.184.88.6
2023-06-06 04:12:45 UTC	0 - 0 - 2	sispar4cbms.com/huntington/login.php?online_i (...)	138.128.170.234

Date

UQ / IDS / BL

URL

2023-06-06 04:23:26 UTC

0 - 1 - 0

yuen.de/UPS-Invoice-for-downloads-919/

81.169.145.92

2023-06-06 04:22:55 UTC

0 - 1 - 2

212.83.186.136/setup-15.exe

212.83.186.136

2023-06-06 04:22:25 UTC

0 - 1 - 0

hansworst.xyz/Flappy%20Hans.exe

103.224.182.210

2023-06-06 04:14:09 UTC

0 - 6 - 0

cdd.net.ua/apothecary/login.php?action=proces (...)

89.184.88.6

2023-06-06 04:12:45 UTC

0 - 0 - 2

sispar4cbms.com/huntington/login.php?online_i (...)

138.128.170.234

HTTP Transactions (2)

Request	Response
GET /ertr/ HTTP/1.1 Host: www.lazarus.team User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache	81.169.145.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 24 May 2023 19:08:11 GMT Server: Apache/2.4.57 (Unix) Content-Length: 196 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1 Host: www.lazarus.team User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.lazarus.team/ertr/ Pragma: no-cache Cache-Control: no-cache	81.169.145.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 24 May 2023 19:08:11 GMT Server: Apache/2.4.57 (Unix) Content-Length: 196 Keep-Alive: timeout=3, max=99 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request

Response

                                        
                                            GET /ertr/ HTTP/1.1 

                                        
                                            
Host: www.lazarus.team

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
DNT: 1 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             81.169.145.163

                                            
                                                HTTP/1.1 404 Not Found 

                                            
                                                
Content-Type: text/html; charset=iso-8859-1

                                            

                                            
                                                
Date: Wed, 24 May 2023 19:08:11 GMT 

                                            
                                                
Server: Apache/2.4.57 (Unix) 

                                            
                                                
Content-Length: 196 

                                            
                                                
Keep-Alive: timeout=3, max=100 

                                            
                                                
Connection: Keep-Alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   196

                                                Md5:    62962daa1b19bbcc2db10b7bfd531ea6

                                                Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8

                                                Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: www.lazarus.team

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
DNT: 1 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www.lazarus.team/ertr/ 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             81.169.145.163

                                            
                                                HTTP/1.1 404 Not Found 

                                            
                                                
Content-Type: text/html; charset=iso-8859-1

                                            

                                            
                                                
Date: Wed, 24 May 2023 19:08:11 GMT 

                                            
                                                
Server: Apache/2.4.57 (Unix) 

                                            
                                                
Content-Length: 196 

                                            
                                                
Keep-Alive: timeout=3, max=99 

                                            
                                                
Connection: Keep-Alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   196

                                                Md5:    62962daa1b19bbcc2db10b7bfd531ea6

                                                Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8

                                                Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

URL	www.lazarus.team/ertr/
IP	81.169.145.163 (Germany)
ASN	#6724 Strato AG
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access	public
Report completed	2023-05-24 19:08:28 UTC
Status	Loading report..
IDS alerts	1
Blocklist alert	0
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (1)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 81.169.145.163

Last 5 reports on ASN: Strato AG

Last 1 reports on domain: lazarus.team

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (2)

Overview

Domain Summary (1)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 81.169.145.163

Last 5 reports on ASN: Strato AG

Last 1 reports on domain: lazarus.team

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (2)

Network Intrusion Detection Systems