IOC Radar
DomainMediumSignal 37/100

dukka.com.tr

Location
United StatesUnited States
First Seen
Aug 5, 2021
Last Seen
Jun 4, 2026
Aug 5
First Seen
1770d ago
Jun 4
Last Seen
7d ago
7
Reports
source reports
37%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
37%
Signal Score
37 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Feed Intelligence Summary

7 reports37% confidence
7
Source reports
37%
Confidence score
Category tags
account takeover attemptactive scanactive scanningattachment phishingauthentication attackbecbotnetbotnet activitybrand impersonationbrute forcecommand and controlcompromised accountcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftdata exfiltrationdata store exposuredata theftddosdenial of servicedistributed attacksexploitation activityftp brute forcehttp brute forcehydra attackidentity & access exploitationimpersonation phishingindicatorinfrastructure acquisitionreconnaissanceinitial accessinjection activitylink injectionlink redirectionlogin attacklogin attemptsmalicious attachmentmalicious attachmentsmalicious linkmalicious linksmalicious softwaremalwaremalware deliverymalware distributionmalware phishingmedusa attacknetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnmap scannorth americaphishingphishing activityphishing attackphishing campaignphishing-databaseprocess injectionprotocol exploitationransomwarerdp scanningreconnaissancereconnaissance activityremote accessremote servicesresearchedsecurity awarenessservice enumerationservice scansmb scanningsmtp brute forcesocial engineeringssh attacksyn scant1018t1021t1021.001t1021.002t1040t1046t1055t1059t1059.001t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1189t1190t1192t1204t1204.001t1486t1496t1499.002t1499.003t1534t1563t1565t1566t1566.001t1566.002t1566.003t1566.004t1587.001t1589t1589.002t1590.001t1592t1595t1595.001t1595.002t1595.003t1598t1598.003tcp scantcp scanningtelnet threatthreat actortor nodeudp scanunited statesuser interactionvulnerability scanweb securitywebsite phishing

Activity Timeline

1 total obs
Jun 4Jun 4

Threat Activity Heatmap

· Peak: 2026-06-04
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
37
SIGNAL
Signal Score
37%
Confidence
7
Reports
First seenAug 5, 2021
Last seenJun 4, 2026

VirusTotal

Not checked

WHOIS

description
LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
domain rank
-1
raw
Domain Status: Active Frozen Status: - Last Update Time: 2025-09-18T20:04:18+03:00 Organization Name : Çizgi Telekomünikasyon A.Ş. Transfer Status: The domain is LOCKED to transfer. cpns1.turhost.com cpns2.turhost.com
subdomains count
11

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 7 days ago
Appeared in 7 threat reports