DomainMediumSignal 42/100
durov-uz.cfd
Location
United StatesFirst Seen
Sep 19, 2024
Last Seen
Jun 2, 2026
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
42%
Signal Score
42 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
11 reports42% confidence
11
Source reports
42%
Confidence score
Category tags
account discoveryaccount profilingaccount takeoveraccount takeover attemptactive scanactive scanningattachment phishingauthentication attackbecbotnetbotnet activitybrand impersonationbrute forcebusiness email compromisecommand and controlcompromised accountcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftdata exfiltrationdata store exposuredata theftddosdenial of servicedistributed attacksexploitation activityfinancefraudftp brute forcehttp brute forcehydra attackidentity & access exploitationindicatorinjection activitylink injectionlink obfuscationlink redirectionlogin attacklogin attemptsmalicious attachmentmalicious linkmalicious linksmalicious softwaremalwaremalware deliverymalware distributionmalware phishingmedusa attacknetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnmap scannorth americaphishingphishing activityphishing attackphishing campaignphishing-databaseprocess injectionprotocol exploitationransomwarerdp scanningreconnaissancereconnaissance activityremote accessremote servicesresearchedscams & fraudservice enumerationservice scansmb scanningsmtp brute forcesocial engineeringssh attacksyn scant1018t1021t1021.001t1021.002t1040t1046t1055t1059t1059.001t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1189t1190t1192t1204t1204.001t1486t1496t1499.002t1499.003t1534t1539t1563t1565t1566t1566.001t1566.002t1566.003t1566.004t1567t1567.001t1589t1589.002t1592t1595t1595.001t1595.002t1595.003t1598t1598.003tcp scantcp scanningtelnet threatudp scanunited statesvulnerability scanweb securitywebsite phishing
Activity Timeline
Jun 2Jun 2
Threat Activity Heatmap
· Peak: 2026-06-02LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC), the domain `durov-uz.cfd`, represents a significant and active threat, primarily associated with sophisticated phishing campaigns. Its detection across multiple reputable threat intelligence feeds, combined with an elevated risk score of 41.89, strongly suggests its use in attempts to compromise user credentials or facilitate malware deployment. If this domain is accessed within the organizational environment, it could lead to severe consequences, including ac…
Threat ScoreMedium Risk
42
SIGNAL
Signal Score
42%
Confidence
11
Reports
First seenSep 19, 2024
Last seenJun 2, 2026
VirusTotal
Not checked
WHOIS
- description
- LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
- domain rank
- -1
- raw
- Create date: 2024-09-15 00:00:00 Domain name: durov-uz.cfd Domain registrar id: 3956 Domain registrar url: https://www.globaldomaingroup.com Expiry date: 2025-09-15 00:00:00 Name server 1: brit.ns.cloudflare.com Name server 2: sam.ns.cloudflare.com Query time: 2024-09-16 12:26:04 Registrant company: c0dbd0252fd47a8b Registrant country: United States Registrant email: f651612a2f356ad3s@ Registrant state: 77ab92f1911d7c5f Update date: 2024-09-15 00:00:00
- subdomains count
- 0
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 11 days ago
Appeared in 11 threat reports