Report - usps-usa.duckdns.org/c146b89dd55f1d398da2966de1a44c2b/?token=37e01b135dee858b9ccf0f288d285afebb23da3bd39166cdb6ef6af33ccac024890d7e566c68aa83e41e5b87dd1ac22a986344055a7cd0f2357638a97ab3f5d8

Report Overview

Visitedpublic

2023-09-16 05:19:06

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
usps-usa.duckdns.org	unknown	2013-04-12	2023-09-16 04:04:23	2023-09-16 04:04:23	11 kB	47 kB	143.110.232.17
maps.googleapis.com	33876	2005-01-25	2019-10-17 17:56:16	2023-09-15 21:01:49	892 B	84 kB	216.58.211.10
devilsms.live	unknown	2021-09-16	2022-06-09 23:23:15	2023-08-23 20:36:16	4.1 kB	41 kB	199.188.200.254
www.siteground.com	291195	2004-03-22	2017-01-30 08:53:08	2023-09-03 10:20:17	351 B	986 B	34.149.40.93

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-16 05:18:48	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:48	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:48	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:48	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:48	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:48	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:49	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:49	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:51	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:51	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:52	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:52	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:52	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:52	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:53	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:53	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:53	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:53	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:53	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:53	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:53	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:53	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:53	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:54	high	143.110.232.17	Client IP	ETPRO HUNTING Suspicious Redirect to Recursive PHP - Possible Phishing
2023-09-16 05:18:54	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:54	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:54	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:54	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:54	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:54	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:55	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:55	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:55	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:55	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:55	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:55	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:55	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:55	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:55	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:55	high	143.110.232.17	Client IP	ETPRO HUNTING Suspicious Redirect to Recursive PHP - Possible Phishing
2023-09-16 05:18:56	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:56	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:57	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:57	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:57	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:57	high	143.110.232.17	Client IP	ETPRO HUNTING Suspicious Redirect to Recursive PHP - Possible Phishing
2023-09-16 05:18:58	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:58	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:18:58	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:59	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:18:59	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:18:59	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:19:00	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-09-16 05:19:00	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-16 05:19:00	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-16 05:19:00	high	143.110.232.17	Client IP	ETPRO HUNTING Suspicious Redirect to Recursive PHP - Possible Phishing
2023-09-16 05:19:03	medium	Client IP	143.110.232.17	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed
2023-09-16	medium	usps-usa.duckdns.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

HTTP Transactions (33)

	URL	IP	Response	Size