IOC Radar
Domain · High · Verified · Signal 34/100

d.gandring.my.id

Location
Czech Republic
First Seen
Oct 31, 2023 (957d ago)
Last Seen
Apr 6, 2026 (69d ago)
Reports
5 source reports
Confidence
34% (high)
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
34%
Signal Score
34 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

53 techniques

Feed Intelligence Summary

5 source reports · 34% confidence score
Category tags

Activity Timeline

1 total obs
Apr 6

Threat Activity Heatmap

Peak: 2026-04-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 34
Confidence: 34%
Reports: 5
First seen: Oct 31, 2023
Last seen: Apr 6, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

raw
DNSSEC: Unsigned
Domain ID: PANDI-DO6358150
Domain Name: gandring.my.id
Expiration Date: 2023-03-14 00:09:03
Last Updated On: 2023-04-17 18:09:04
Name Server: byron.ns.cloudflare.com
Name Server: sloan.ns.cloudflare.com
Sponsoring Registrar City: Jakarta Selatan
Sponsoring Registrar Country: ID
Sponsoring Registrar Email: [email protected]
Sponsoring Registrar Organization: PT Registrasi Nama Domain
Sponsoring Registrar Postal Code: 12950
Sponsoring Registrar State/Province: Jakarta
Sponsoring Registrar URL: https://daftarnama.id
Status: pendingDelete
Status: redemptionPeriod


IOC Journey

high
First detected 2 years ago · Last seen 2 months ago
Appeared in 5 threat reports