Report - domagmortarer.com/

Report Overview

Visited public
2024-09-10 03:46:55
Tags
URL
domagmortarer.com/
Finishing URL
domagmortarer.com/feed
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
domagmortarer.com/feed

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
domagmortarer.com	unknown	unknown	No data	No data	2.3 kB	3.8 kB	188.114.96.1
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-09 18:12:09	654 B	1.8 kB	23.36.76.249
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-09 18:12:09	1.3 kB	3.6 kB	23.36.76.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-10	medium	domagmortarer.com	Sinkholed
2024-09-10	medium	domagmortarer.com	Sinkholed
2024-09-10	medium	domagmortarer.com	Sinkholed
2024-09-10	medium	domagmortarer.com	Sinkholed
2024-09-10	medium	domagmortarer.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (11)

URL IP Response Size

r10.o.lencr.org/

23.36.76.225

504 B

URL
r10.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
85b35ef8e54cfd751670f6a6d56541bd
162e94ccf2a785ea99c41f45c3a76815a2f8ae5f
3f59c24a6538550f52a4c9b39d9f57b023c9d44d50a846e742b763f74dfc179d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3F59C24A6538550F52A4C9B39D9F57B023C9D44D50A846E742B763F74DFC179D"
Last-Modified: Sun, 08 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14720
Expires: Tue, 10 Sep 2024 07:51:49 GMT
Date: Tue, 10 Sep 2024 03:46:29 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.225

504 B

URL
r10.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
80f3aada09a34a0d6e43e77f160ac485
8feee259be181420c2c17ccb3d81ce9bc980b577
cccc9314ca2d07fb6a2a5d91a8d7b37f16fd78a5d14b0e6a27de0df82e47f1f3

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CCCC9314CA2D07FB6A2A5D91A8D7B37F16FD78A5D14B0E6A27DE0DF82E47F1F3"
Last-Modified: Sat, 07 Sep 2024 12:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Tue, 10 Sep 2024 05:12:46 GMT
Date: Tue, 10 Sep 2024 03:46:29 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.225

504 B

URL
r10.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
010d9d76f2cffcde2776f30737ea6daa
8f2fbd4790c6a38d70f1e6d4be7b34a6cf562d70
5b0f8b959509a0ebd05f4fd4dca127683100ab3c79a154da1b78247ebf21ffda

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5B0F8B959509A0EBD05F4FD4DCA127683100AB3C79A154DA1B78247EBF21FFDA"
Last-Modified: Sat, 07 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5208
Expires: Tue, 10 Sep 2024 05:13:18 GMT
Date: Tue, 10 Sep 2024 03:46:30 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.225

504 B

URL
r10.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b73e5b140c4c19e7e5450cce90348dec
c2186b718c50a53bf30e1093713305403a8bd673
eddd5af125077f387f37956c09c275a35be27c88fbcb02b1d789f352c0dfa5ba

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EDDD5AF125077F387F37956C09C275A35BE27C88FBCB02B1D789F352C0DFA5BA"
Last-Modified: Sat, 07 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10408
Expires: Tue, 10 Sep 2024 06:39:58 GMT
Date: Tue, 10 Sep 2024 03:46:30 GMT
Connection: keep-alive

domagmortarer.com/

188.114.96.1

302 Found

202 B

URL User Request GET HTTP/2
domagmortarer.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdomagmortarer.com
Fingerprint75:65:D6:16:97:0D:57:0B:48:F4:ED:5F:1F:77:71:2F:94:10:21:16
ValidityThu, 05 Sep 2024 16:44:23 GMT - Wed, 04 Dec 2024 16:44:22 GMT

File type
data
Size
202 B (202 bytes)
Hash
17f4225a6b0b0e71eab681201db0308a
c2a524f4fa0a07dbab87dba94e3cd3e0351621e6
a83ae4d839194b813777115c0b6308d35edcb8c44a87d2b992e322990f713dd8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: domagmortarer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 10 Sep 2024 03:46:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
location: /feed
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ro4oUFguGT2P0N4PVYQ1xeE3Lotzl%2FxlYvUKtl9sCGhz2pyTDIxOENiXUL%2FKw8XKR7V93Ny58tQz2c0WadU55Rg6krlNo3fkgk7kmBK2zsQdBjB0gX07ltioOldmSfjzv6wvUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c0c6e6c3883be3a-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

domagmortarer.com/favicon.ico

188.114.96.1

204 No Content

0 B

URL GET HTTP/3
domagmortarer.com/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://domagmortarer.com/feed
Certificate
IssuerGoogle Trust Services
Subjectdomagmortarer.com
Fingerprint75:65:D6:16:97:0D:57:0B:48:F4:ED:5F:1F:77:71:2F:94:10:21:16
ValidityThu, 05 Sep 2024 16:44:23 GMT - Wed, 04 Dec 2024 16:44:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: domagmortarer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagmortarer.com/feed
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 10 Sep 2024 03:46:31 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZJ2JJHAitoyprwydE9PKBR2oHYPtHZw9u5sgecxCNAHRCPibySyDG82l8j4KyHHPnu%2Bgri%2F1TwULOQaJIeqWxLfIAzDvLV8FbE8PLhhvUnRVyoFqqrA1g7NXsbNg9AfCgCALg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c0c6e709a7d6dea-CPH
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.76.249

504 B

URL
r11.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
049168dffe0b5a00f2445081ecd6bf9b
0f2ac0ec9d33feb0278169b202090547c911c376
d969853c89700ffb69a519bcb55655c1a8840918b5a9ab836d49730e63213b10

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D969853C89700FFB69A519BCB55655C1A8840918B5A9AB836D49730E63213B10"
Last-Modified: Sat, 07 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6010
Expires: Tue, 10 Sep 2024 05:26:42 GMT
Date: Tue, 10 Sep 2024 03:46:32 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.249

504 B

URL
r11.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
049168dffe0b5a00f2445081ecd6bf9b
0f2ac0ec9d33feb0278169b202090547c911c376
d969853c89700ffb69a519bcb55655c1a8840918b5a9ab836d49730e63213b10

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D969853C89700FFB69A519BCB55655C1A8840918B5A9AB836D49730E63213B10"
Last-Modified: Sat, 07 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6010
Expires: Tue, 10 Sep 2024 05:26:42 GMT
Date: Tue, 10 Sep 2024 03:46:32 GMT
Connection: keep-alive

domagmortarer.com/feed

188.114.96.1

404 Not Found

30 B

URL User Request GET HTTP/2
domagmortarer.com/feed
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdomagmortarer.com
Fingerprint75:65:D6:16:97:0D:57:0B:48:F4:ED:5F:1F:77:71:2F:94:10:21:16
ValidityThu, 05 Sep 2024 16:44:23 GMT - Wed, 04 Dec 2024 16:44:22 GMT

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
644a18132a6d3144e9e1ecdb1c996229
a0b9b8b24457ea56738583a71aaac67cead22a24
7395b4b5942c43a4b2a6b85c8a6ff8bf99e9f282cfcc7c7c66b4fbde9d1cbffb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /feed HTTP/1.1
Host: domagmortarer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Tue, 10 Sep 2024 03:46:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXiU%2BkyoHm41l8hk9ihwVL5OFZ7wlKLJy3G3ILrQB5ooQTAay59PLSUJLexy5hK0FwbhuQnfYJa0ZUYjlNG9wS9W2NE4JJGhRiFEhU3JsfPuYQAppHC9W%2BIe9ZoJtjQ%2B5uQ5Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c0c6e6ce8dbbe3a-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

domagmortarer.com/feed

188.114.97.1

301 Moved Permanently

30 B

URL User Request GET HTTP/1.1
domagmortarer.com/feed
IP
188.114.97.1:80
ASN
#13335 CLOUDFLARENET

File type

Size
30 B (30 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /feed HTTP/1.1
Host: domagmortarer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 10 Sep 2024 03:46:30 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 10 Sep 2024 04:46:30 GMT
Location: https://domagmortarer.com/feed
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEOb0v2cqzvbe6HApng8yTa7p1PVWsjTwX2uoRcxw0idBbbiZCMZ3WIq8Gv%2B7P%2FlkKcOP9LgfUoXqBtJlyXCK3RekAWE%2FvbxXF0BDmFknuaojwR1J0SFiAPwyWfgGfFAeyNRSw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8c0c6e6e9de592eb-CPH
alt-svc: h2=":443"; ma=60

domagmortarer.com/feed

188.114.96.1

404 Not Found

30 B

URL User Request GET HTTP/3
domagmortarer.com/feed
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdomagmortarer.com
Fingerprint75:65:D6:16:97:0D:57:0B:48:F4:ED:5F:1F:77:71:2F:94:10:21:16
ValidityThu, 05 Sep 2024 16:44:23 GMT - Wed, 04 Dec 2024 16:44:22 GMT

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
644a18132a6d3144e9e1ecdb1c996229
a0b9b8b24457ea56738583a71aaac67cead22a24
7395b4b5942c43a4b2a6b85c8a6ff8bf99e9f282cfcc7c7c66b4fbde9d1cbffb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /feed HTTP/1.1
Host: domagmortarer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 10 Sep 2024 03:46:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69EaOdLpZ%2FDMat5xYeTqc05Kal%2FxOZa8Sa3NXeoO2c80EnA1wVII0u%2BB7JMsip3OzmbKCA7kBODsjhjlvJsg%2F8SPHxWiB8aBx0q2v58TgjGnuDJVLc%2BK82SFrQk6w6uB2hgClw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c0c6e6f195d6dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (11)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type