IOC Radar
DomainHighVerifiedSignal 65/100

gardn.org.au

Location
United KingdomUnited Kingdom
First Seen
Apr 17, 2026
Last Seen
Apr 23, 2026
Apr 17
First Seen
61d ago
Apr 23
Last Seen
55d ago
5
Reports
source reports
65%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags

Feed Intelligence Summary

5 reports65% confidence
5
Source reports
65%
Confidence score
Category tags
active scaneuropeindicatoripv4networkphisingresearchedunited kingdom

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain `gardn.org.au` has been identified as a high-risk Indicator of Compromise (IOC), scoring 64.84 with no whitelist status, signifying a critical security concern. This IOC is directly associated with the "Pushpaganda" campaign, which is known for manipulating Google Discovery Feeds through AI-generated content to spread malicious notifications. Such deceptive tactics aim to lure unsuspecting users into interacting with harmful content, potentially resulting in credential theft, malware …

Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
5
Reports
First seenApr 17, 2026
Last seenApr 23, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
HUMAN’s Satori Threat Intelligence and Research Team has identified a novel ad fraud, social engineering, and scareware threat dubbed Pushpaganda. This operation, named for push notifications central to the scheme, generates invalid organic traffic from real mobile devices by tricking users into subscribing to enabling notifications that presented alarming messages.
domain rank
-1
raw
DNSSEC: unsigned Domain Name: gardn.org.au Eligibility Type: Other Last Modified: 2025-06-22T05:23:48Z Name Server: ns7.setrahost.com Name Server: ns8.setrahost.com Registrant Contact ID: fffdcbfa9b46e2aa Registrant Contact Name: 69d6a39ebb8733a7 Registrant ID: ea82c252e3eaa67e Registrant: b4eb0c16e788ecff Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +61.894220890 Registrar Name: Web Address Registration Pty Ltd Registrar URL: https://www.crazydomains.com.au/contact/ Registrar WHOIS Server: whois.auda.org.au Registry Domain ID: 96c991be099741d1a9e93b02f0079666-AU Status: ok https://identitydigital.au/get-au/whois-status-codes#ok Tech Contact ID: b293706412fc4bda9b4b9fe079240342-AU
references
IOCs.2026.csv, https://www.humansecurity.com/learn/resources/satori-threat-intelligence-alert-pushpaganda-manipulates-google-discovery-feeds-with-ai-generated-content-to-spread-malicious-notifications/
subdomains count
10

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 2 months ago · Last seen 1 month ago
Appeared in 5 threat reports