Security Research Report · 05–07 March 2026

lagerfeuer.net – Domain Abuse Report

12 redirect chains recorded across two monitoring sessions, documenting political disinformation, affiliate traffic laundering, VPN social engineering, unsolicited adult content, and gambling advertising originating from or attributed to lagerfeuer.net.

12

Redirect chains

2

Tracking sessions

6

Threat categories

13

Shared infrastructure nodes

Threat Categories

Political disinformationC2, C4, C5Affiliate traffic launderingC1, C3VPN social engineeringC6, C7, C10Adult content (no consent)C12Unsolicited gamblingC9Legitimate (mixed rotation)C8, C11

Report Sections

Start here

Report Overview

Findings summary, threat categories, and key reporting contacts.

Chain Overview

Summary table of all 12 chains, TDS architecture, and shared infrastructure map.

Desktop Chains 1–5, 12

Disinformation, affiliate laundering, and adult content via desktop sessions.

Mobile Chains 6–11

VPN social engineering, gambling, and legitimate mixed-rotation chains.

Monitoring Sessions

Session 1 — Chains 1–11Thursday, 05 March 2026 · 20:00–21:00 CET
Session 2 — Chain 12Friday, 07 March 2026 · ~23:00 CET

All data collected through passive observation of publicly accessible network traffic. No systems were accessed without authorisation.