Domain · Medium · Signal 81/100
document.hometowncity.cloud
First Seen: Feb 14, 2025 (481d ago)
Last Seen: Apr 27, 2026 (45d ago)
Reports: 9 source reports
Confidence: 81% (medium)
VirusTotal: 15/91 detections
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: Domain Name. Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 81%
Signal Score: 81 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
9 reports · 81% confidence
Category tags
account brute force, active scan, active scanning, advanced malware, aman mishra, anti-analysis, anti-debugging, apac targeting, apt, apt group, attack, authentication attack, backdoor, binary union, bootkit, botnet, botnet activity, brute force, brute force attack, c2, central asia targeting, cisa kev, cobalt strike, code execution, command & control, command and control, command execution, communication protocol, conduct, credential access, credential stuffing, credential theft, custom malware, data exfiltration, data store exposure, data theft, ddos, defense evasion, denial of service, distributed attacks, dll injection, dynamic malware analysis, enumeration, exfiltration, exploit, exploit avaliable, exploitation, exploitation activity, file, follow, ftp, ftp brute force, google news, government organizations, hashes, http brute force, http scanner, https, identity & access exploitation, imap, in the wild, indicator, initial access, injection activity, instant updates, iocs, jrat, lateral movement, lynx, mailing-list, malicious activity, malicious powershell activity, malicious software, malware, malware analysis report, malware behavior analysis, malware families, malware implant, metasploit, network, network attacks, network intrusion, network probing, network protocol, network reconnaissance, network scanning, network security, network service scanning, nevada, ongoing attack, panel morf, password attacks, process injection, project, protocol exploitation, ransomware, rat, reconnaissance, remote access, remote services, researched, reverse shell, rootkit, screen, scripting attacks, security operations, service discovery, service enumeration, service scan, shadowsilk, siem, silent, silent lynx, smb scanning, smtp, smtp brute force, software exploitation, ssh attack, state, supply chain attack, supply chain compromise,
t1003, t1003.001, t1003.006, t1003.008, t1005, t1007, t1008, t1016, t1016.001, t1018, t1020, t1021, t1021.001, t1027, t1027.002, t1027.009, t1033, t1036, t1036.005, t1040, t1041, t1046, t1047, t1053, t1053.005, t1055, t1055.001, t1055.002, t1055.003, t1055.004, t1056, t1056.001, t1056.004, t1057, t1059, t1059.001, t1059.003, t1068, t1071, t1071.001, t1071.004, t1076, t1078, t1082, t1083, t1086, t1087, t1087.001, t1087.002, t1090, t1090.002, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1113, t1114, t1119, t1123, t1125, t1133, t1134, t1134.002, t1134.005, t1136, t1136.001, t1136.002, t1189, t1190, t1203, t1204, t1204.002, t1217, t1486, t1496, t1499.002, t1499.003, t1505.003, t1543, t1543.003, t1546, t1546.003, t1546.008, t1546.011, t1547, t1547.001, t1552, t1552.001, t1552.003, t1555, t1555.003, t1560, t1560.001, t1560.003, t1562, t1562.001, t1562.006, t1563, t1565, t1566, t1566.001, t1566.002, t1567, t1569.002, t1571, t1573, t1574, t1574.001, t1574.002, t1574.009, t1583, t1584.006, t1587.001, t1588.001, t1589, t1590, t1590.005, t1594, t1595, t1595.001, t1595.002, t1595.003, t1596,
tcp protocol, tcp scan, tcp scanning, telnet threat, threat actor, threat intelligence, tools, tor node, trash, twitter, udp port scan, udp scan, vdb-entry, vendor-advisory, vulnerability scan, web traffic
Activity Timeline
Threat Activity Heatmap (peak: 2026-04-27)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 81 (High Risk)
WHOIS
Raw record:
- Administrative city: REDACTED FOR PRIVACY
- Administrative country: REDACTED FOR PRIVACY
- Administrative state: REDACTED FOR PRIVACY
- Billing city: REDACTED FOR PRIVACY
- Billing country: REDACTED FOR PRIVACY
- Billing state: REDACTED FOR PRIVACY
- Create date: 2024-12-03 00:00:00
- Domain name: hometowncity.cloud
- Domain registrar id: 1479
- Domain registrar url: www.namesilo.com
- Expiry date: 2025-12-03 00:00:00
- Name server 1: ns4.qhoster.net
- Name server 2: ns3.qhoster.net
- Name server 3: ns2.qhoster.net
- Name server 4: ns1.qhoster.net
- Query time: 2024-12-05 00:30:12
- Registrant city: 1f8f4166599d23ee
- Registrant country: United States
- Registrant email: 29e2c061f3c9524es@
- Registrant fax: 1f8f4166599d23ee
- Registrant name: 1f8f4166599d23ee
- Registrant phone: 1f8f4166599d23ee
- Registrant state: 495b7df14413c537
- Registrant zip: 1f8f4166599d23ee
- Technical city: REDACTED FOR PRIVACY
- Technical country: REDACTED FOR PRIVACY
- Technical state: REDACTED FOR PRIVACY
- Update date: 2024-12-03 00:00:00
IOC Journey
Medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 9 threat reports