Report Overview
Visitedpublic
2023-12-10 04:27:32
Submit Tags
URL
difv.shop/index.php?WZyIKlnc=W16993485687365881R23496Uv8066tA15799U798RHlY11037vBU
Finishing URL
tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
IP / ASN
45.8.230.97
Title
Suspected phishing site | Cloudflare
Suspicious - Sinkholed / Blocked
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
difv.shop | unknown | 2023-04-05 | 2023-09-04 18:13:53 | 2023-12-09 16:41:17 | 464 B | 500 B | 45.8.230.97 | |
tundrafolder.com 2 alert(s) on this Domain | unknown | 2015-11-06 | 2022-09-30 12:00:42 | 2023-12-09 02:04:44 | 2.0 kB | 32 kB |  104.21.84.123 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| high | 45.8.230.97 | Client IP | ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit) |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
JavaScript (3)
No JavaScripts
HTTP Transactions (5)
| URL | IP | Response | Size |
|---|