DomainMediumSignal 29/100
ambertrail.xyz
First Seen
Feb 3, 2026
Last Seen
Feb 3, 2026
Found in 1 report. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
28%
Signal Score
29 / 100
IDS Rule
No
Threat Context
Tags
Feed Intelligence Summary
1 report28% confidence
1
Source reports
28%
Confidence score
Category tags
indicatornetworkresearched
Activity Timeline
Feb 3Feb 3
Threat Activity Heatmap
· Peak: 2026-02-03LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated
The inclusion of `ambertrail.xyz` in threat intelligence feeds, with a score of 28.5, signifies a potential security concern that warrants attention. This domain has been identified as a possible indicator of compromise, suggesting its involvement in malicious activities such as command and control communications, phishing attempts, or malware distribution. Organizations should recognize that the presence of this domain in network logs could indicate an active compromise or an attempt to initiat…
Threat ScoreLow Risk
29
SIGNAL
Signal Score
28%
Confidence
1
Reports
First seenFeb 3, 2026
Last seenFeb 3, 2026
VirusTotal
Not checked
WHOIS
- registrar
- NAMECHEAP INC
- creation date
- 2025-07-08T17:37:04
- expiration date
- 2027-07-08T23:59:59
- updated date
- 2026-06-08T06:01:39
- name servers
- HATTIE.NS.CLOUDFLARE.COM, VIN.NS.CLOUDFLARE.COM
- country
- IS
- org
- Privacy service provided by Withheld for Privacy ehf
- status
- clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 4 months ago · Last seen 4 months ago
Appeared in 1 threat report