IOC Radar
DomainMediumSignal 43/100

auta-roman.pl

Location
PolandPoland
First Seen
Oct 23, 2023
Last Seen
Jun 5, 2026
Oct 23
First Seen
972d ago
Jun 5
Last Seen
16d ago
10
Reports
source reports
43%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
43%
Signal Score
43 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Feed Intelligence Summary

10 reports43% confidence
10
Source reports
43%
Confidence score
Category tags
access controlaccount discoveryaccount profilingaccount takeoveractive scanattachment exploitationattachment phishingattackattack vector: emailbecbotnetbotnet activitybrand impersonationbrand_impersonationbrute forcebusiness_email_compromisecertcommand and controlcommunication protocolcompromised infrastructurecompromised websitecredential accesscredential harvestingcredential phishingcredential stuffingcredential theftcredential_harvestingcredential_theftdata collectiondata exfiltrationdata store exposuredgadistributed attackseuropeexploitation activityfake login pagefinancefraudfraudulent communicationfraudulent emailshttp scannerhttpsidentity & access exploitationindicatorindicators of compromiseinfrastructure acquisitionreconnaissanceinitial accessinjection activityioclink redirectionmalicious activitymalicious attachmentmalicious domain activitymalicious domain disseminationmalicious linkmalicious linksmalicious softwaremalicious urlsmalicious_attachmentmalicious_urlmalwaremalware deliverymalware distributionmalware hostingmalware_distributionnetworkphishingphishing attackphishing campaignphishing websitephishing-databasephishing_campaignpolandprocess injectionransomwareresearchedscamscams & fraudsecurity awarenesssecurity operationssecurity policysecurity_awarenesssmtpsocial engineeringt1027t1036t1055t1059t1071t1071.001t1071.004t1078t1105t1189t1190t1192t1204t1204.001t1204.002t1486t1496t1499.002t1499.003t1534t1552.001t1556.001t1565t1566t1566.001t1566.002t1566.003t1566.004t1567t1567.001t1583t1583.001t1586t1586.001t1587.001t1588t1588.002t1588.006t1590.001t1598t1598.003targeting databasethreat actorthreat intelligencethreat intelligence feedthreat preventionthreat_indicatorthreat_intelligencetor nodeweb securityweb traffic

Activity Timeline

1 total obs
Jun 5Jun 5

Threat Activity Heatmap

· Peak: 2026-06-05
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain **auta-roman.pl**, originating from Poland, has emerged as a significant indicator of compromise (IOC) in recent threat intelligence reports. First observed on October

Threat ScoreMedium Risk
43
SIGNAL
Signal Score
43%
Confidence
10
Reports
First seenOct 23, 2023
Last seenJun 5, 2026

VirusTotal

Not checked

WHOIS

description
LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
domain rank
-1
raw
DOMAIN NAME: auta-roman.pl 's billing period had finished created: 2023.10.22 15:14:06 dnssec: Unsigned expiration date: 2024.11.21 14:14:06 last modified: 2023.10.22 15:30:41
references
https://phishing.army/download/phishing_army_blocklist_extended.txt, https://threatintel.cybsec.fr/2023IOCs4_cybsec.txt
subdomains count
1

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 16 days ago
Appeared in 10 threat reports