Report Overview
Visitedpublic
2023-10-31 18:27:57
Tags
Submit Tags
URL
uspostal-portal30.dynnamn.ru/
Finishing URL
uspostal-portal30.dynnamn.ru/landing.php
IP / ASN
165.227.180.255
Title
Notice
Suspicious - DynDNS domain
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
uspostal-portal30.dynnamn.ru 12 alert(s) on this Domain | unknown | 2019-09-16 | 2023-10-13 15:21:47 | 2023-10-18 03:45:35 | 1.6 kB | 30 kB | 165.227.180.255 | |
ocsp.r2m02.amazontrust.com | unknown | 2007-05-11 | 2022-10-12 16:01:39 | 2023-10-31 12:28:34 | 340 B | 942 B | 54.230.218.11 | |
media.istockphoto.com | 10706 | 2000-01-06 | 2018-11-13 22:06:51 | 2023-10-30 19:03:06 | 585 B | 18 kB | 143.204.55.50 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | Internal IP | ET INFO DYNAMIC_DNS Query to dynnamn .ru Domain | |
| low | Client IP | Internal IP | ET INFO DYNAMIC_DNS Query to dynnamn .ru Domain | |
| low | Client IP | Internal IP | ET INFO DYNAMIC_DNS Query to dynnamn .ru Domain | |
| low | Client IP | Internal IP | ET INFO DYNAMIC_DNS Query to dynnamn .ru Domain | |
| low | Client IP | Internal IP | ET INFO DYNAMIC_DNS Query to dynnamn .ru Domain |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2023-10-17 | medium | uspostal-portal30.dynnamn.ru/ | United States Postal Service |
| 2023-10-17 | medium | uspostal-portal30.dynnamn.ru/ | United States Postal Service |
| 2023-10-17 | medium | uspostal-portal30.dynnamn.ru/ | United States Postal Service |
PhishTank
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2023-10-17 | medium | uspostal-portal30.dynnamn.ru/ | Other |
| 2023-10-17 | medium | uspostal-portal30.dynnamn.ru/favicon.ico | Other |
| 2023-10-17 | medium | uspostal-portal30.dynnamn.ru/landing.php | Other |
mnemonic secure dns
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2023-10-31 | medium | dynnamn.ru | Sinkholed |
| 2023-10-31 | medium | dynnamn.ru | Sinkholed |
| 2023-10-31 | medium | dynnamn.ru | Sinkholed |
ThreatFox
No alerts detected
JavaScript (0)
No JavaScripts
HTTP Transactions (5)
| URL | IP | Response | Size |
|---|