DomainMediumSignal 76/100
dublin-ca.net
Location
United StatesFirst Seen
Nov 24, 2023
Last Seen
May 11, 2026
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
76%
Signal Score
76 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
11 reports76% confidence
11
Source reports
76%
Confidence score
Category tags
active scanactive scanningattachment phishingattackauthentication attackbecbotnetbotnet activitybrand impersonationbrute forcec2command & controlcommand and controlcompromised accountcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftdata exfiltrationdata store exposuredata theftddosdenial of servicedistributed attacksexploitation activityftp brute forcehttp brute forcehydra attackidentity & access exploitationimpersonation phishingindicatorinfrastructure acquisitionreconnaissanceinitial accessinjection activitylink injectionlink redirectionlogin attacklogin attemptsmalicious activitymalicious attachmentmalicious attachmentsmalicious linkmalicious linksmalicious softwaremalwaremalware deliverymalware distributionmalware phishingmedusa attacknetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnmap scannorth americaphishingphishing activityphishing attackphishing campaignphishing-databaseprocess injectionprotocol exploitationransomwarerdp scanningreconnaissancereconnaissance activityremote accessremote servicesresearchedsecurity awarenessservice enumerationservice scansmb scanningsmtp brute forcesocial engineeringssh attacksyn scant1018t1021t1021.001t1021.002t1040t1046t1055t1059t1059.001t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1189t1190t1192t1204t1204.001t1486t1496t1499.002t1499.003t1534t1563t1565t1566t1566.001t1566.002t1566.003t1566.004t1587.001t1589t1589.002t1590.001t1592t1595t1595.001t1595.002t1595.003t1598t1598.003tcp scantcp scanningtelnet threatthreat actorudp scanunited statesuser interactionvulnerability scanweb securitywebsite phishing
Activity Timeline
May 11May 11
Threat Activity Heatmap
· Peak: 2026-05-11LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
The domain **dublin-ca.net** has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats originating from the United States. First observed on November
Threat ScoreHigh Risk
76
SIGNAL
Signal Score
76%
Confidence
11
Reports
First seenNov 24, 2023
Last seenMay 11, 2026
VirusTotal
Not checked
WHOIS
- description
- For POC
- domain rank
- -1
- raw
- Administrative city: San Mateo Administrative country: United States Administrative state: California Create date: 2025-02-23 00:00:00 Domain name: dublin-ca.net Domain registrar id: 472 Domain registrar url: http://www.dynadot.com Expiry date: 2026-02-23 00:00:00 Name server 1: ns1.dyna-ns.net Name server 2: ns2.dyna-ns.net Query time: 2025-02-25 12:12:26 Registrant city: 3715f4e2b12e17cb Registrant company: 473daf17453d83cd Registrant country: United States Registrant email: 8ad8c6c08c716753s@ Registrant name: 1f8f4166599d23ee Registrant phone: bd610aea3d112609 Registrant state: 77ab92f1911d7c5f Registrant zip: ae51fcfbe03bd2c4 Technical city: San Mateo Technical country: United States Technical state: California Update date: 2025-02-23 00:00:00
- references
- https://malware-filter.gitlab.io/malware-filter/phishing-filter-domains.txt
- subdomains count
- 109
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 years ago · Last seen 1 month ago
Appeared in 11 threat reports