DomainMediumSignal 70/100
meinpacket.net
Location
AustriaFirst Seen
Mar 3, 2024
Last Seen
May 8, 2026
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
8 reports70% confidence
8
Source reports
70%
Confidence score
Category tags
accessactive scanadminasiaaustriabbkbec attemptbettingbhutanblueskybotnetbotnet activitybrbrand impersonationbrute forcecanadachemical & pharmaceuticalcmscommand and controlconfigcredential harvestingcredential stuffingcredential theftcrypto currencycryptocurrencycssdata exfiltrationdata store exposuredelivery service scamdetailsdhldhl phishing campaigndistributed attacksdomaindomainsexecutable fileexploitation activityexpressfinancefintechfleet managementfrancefraudfreight servicesgaminggermanygithubglobalgroupshtmlhttphttpshungaryidentity & access exploitationimagesindexindicatorinfoinformation technologyinfrastructure acquisitionreconnaissanceinjection activityiot securityipfsirelanditalymalicious linksmalicious softwaremalwaremaritime transportmedia & entertainmentmediummexiconetnetworknorth americapagepassenger transportationphishingphishing attackphishing domainsphishing urlsphppioneerplpleskpolandprocess injectionragnarokrail transportransomwarerecaptcharesearchedretailromaniascamscams & fraudscriptshipping & logisticsslugsmssocial engineeringsoftware publishersupportsurface webt1055t1071.001t1071.004t1078t1189t1192t1204t1204.001t1204.002t1486t1496t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1567.001t1583t1583.001t1587.001t1588t1588.002t1588.004t1590.001t1598t1598.003telecommunicationthreat actortinymcetor nodetransportation and warehousingtransportation infrastructuretransportation technologytwitterunited statesuploadurlurlsweb securitywebsite
Activity Timeline
May 8May 8
Threat Activity Heatmap
· Peak: 2026-05-08LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC), the domain `meinpacket.net`, is a significant threat due to its high malicious score and association with sophisticated attack campaigns. This domain has been implicated in phishing operations and linked to known ransomware groups, "bluesky" and "ragnarok." Its presence suggests potential for initial access, command and control communications, data exfiltration, or even direct ransomware deployment within an organization's environment. Unaddressed, this threat…
Threat ScoreMedium Risk
70
SIGNAL
Signal Score
70%
Confidence
8
Reports
First seenMar 3, 2024
Last seenMay 8, 2026
VirusTotal
Not checked
WHOIS
- registrar
- Wild West Domains, LLC
- description
- This page stores DHL phishing page IOCs. Legitimate website for the brand is https://www.dhl.com/ NOLA defense is tracking newly observed phishing websites. Follow us on twitter https://twitter.com/noladefense
- domain rank
- -1
- raw
- Creation Date: 2024-02-29T13:16:07Z DNSSEC: unsigned Domain Name: MEINPACKET.NET Domain Status: redemptionPeriod https://icann.org/epp#redemptionPeriod Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: 480-624-2505 Registrar IANA ID: 440 Registrar URL: http://www.wildwestdomains.com Registrar WHOIS Server: whois.wildwestdomains.com Registrar: Wild West Domains, LLC Registry Domain ID: 2859593560_DOMAIN_NET-VRSN Registry Expiry Date: 2025-02-28T13:16:07Z Updated Date: 2025-04-11T08:16:03Z
- references
- https://www.virustotal.com/gui/collection/9e06470d30593e11c8daad2157e0d4ef1ccce47787e2b5303846704767c26d6a, https://malware-filter.gitlab.io/malware-filter/phishing-filter-domains.txt, https://phishing.army/download/phishing_army_blocklist_extended.txt
- subdomains count
- 0
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 years ago · Last seen 1 month ago
Appeared in 8 threat reports