Report - clothoff.net/

Report Overview

Visited public
2024-09-08 03:03:10
Tags
URL
clothoff.net/
Finishing URL
clothoff.net/
IP / ASN
104.21.25.39
#13335 CLOUDFLARENET
Title
clothoff.net/

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-07 18:12:17	981 B	2.7 kB	23.36.76.226
clothoff.net	unknown	2023-05-16	2023-07-04 21:27:05	2024-04-17 18:58:58	467 B	920 B	104.21.25.39

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-08	medium	clothoff.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
80f3aada09a34a0d6e43e77f160ac485
8feee259be181420c2c17ccb3d81ce9bc980b577
cccc9314ca2d07fb6a2a5d91a8d7b37f16fd78a5d14b0e6a27de0df82e47f1f3

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CCCC9314CA2D07FB6A2A5D91A8D7B37F16FD78A5D14B0E6A27DE0DF82E47F1F3"
Last-Modified: Sat, 07 Sep 2024 12:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4998
Expires: Sun, 08 Sep 2024 04:26:02 GMT
Date: Sun, 08 Sep 2024 03:02:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
010d9d76f2cffcde2776f30737ea6daa
8f2fbd4790c6a38d70f1e6d4be7b34a6cf562d70
5b0f8b959509a0ebd05f4fd4dca127683100ab3c79a154da1b78247ebf21ffda

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5B0F8B959509A0EBD05F4FD4DCA127683100AB3C79A154DA1B78247EBF21FFDA"
Last-Modified: Sat, 07 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Sun, 08 Sep 2024 09:02:24 GMT
Date: Sun, 08 Sep 2024 03:02:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b73e5b140c4c19e7e5450cce90348dec
c2186b718c50a53bf30e1093713305403a8bd673
eddd5af125077f387f37956c09c275a35be27c88fbcb02b1d789f352c0dfa5ba

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EDDD5AF125077F387F37956C09C275A35BE27C88FBCB02B1D789F352C0DFA5BA"
Last-Modified: Sat, 07 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8862
Expires: Sun, 08 Sep 2024 05:30:27 GMT
Date: Sun, 08 Sep 2024 03:02:45 GMT
Connection: keep-alive

clothoff.net/

104.21.25.39

500 Internal Server Error

268 B

URL User Request GET HTTP/2
clothoff.net/
IP
104.21.25.39:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectclothoff.net
FingerprintB2:4C:B7:68:53:71:9D:3D:4F:51:7A:96:ED:1A:FB:4F:BF:B6:3F:81
ValidityWed, 21 Aug 2024 03:30:37 GMT - Tue, 19 Nov 2024 03:30:36 GMT

File type
JSON text data
Size
268 B (268 bytes)
Hash
aa06d405c4bd5cba9c298628bb2da997
1a791d43646c5c8f86414405cf8ed84cf20b3d54
95d37ca4430668897aab411533b0054ae6b8744894e43a9f7febb7a3178978fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: clothoff.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
date: Sun, 08 Sep 2024 03:02:47 GMT
content-type: application/json; charset=utf-8
content-length: 268
x-powered-by: Express
etag: W/"10c-GnkdQ2RsXI+GQUQFz47YTPILPVQ"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQCFhZVl9NFnkvaZsmwfy%2Fgx99jxxvkhW9SXE485dsgMTdeRhCnDwEjAGrIa7dQkzY0reNAlx%2BcsIezQsrqZ9htrndMNrH2Kz4vquy5mk6VRG1%2BX0SdJvf33RGRfopE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bfbb3934db756ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers