IOC Radar
DomainMediumSignal 15/100

gslink.ca

Location
FranceFrance
First Seen
Jul 9, 2025
Last Seen
Aug 19, 2025
Jul 9
First Seen
351d ago
Aug 19
Last Seen
310d ago
3
Reports
source reports
15%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
15%
Signal Score
15 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

19 techniques

Feed Intelligence Summary

3 reports15% confidence
3
Source reports
15%
Confidence score
Category tags
aaaaactive relatedad tevdagapplebodycanada unknownchromecommand and controlcommunication protocolcreation datecyber threatsdata accessdata copyingdata exfiltrationdata misusedata transferdata uploaddonedraiedynamicloaderencryptenter soudcetdientrieseuropeeurope/asiaexcludeexclude suggesexpiration dateextr dataextraction dataextri dataextri includefailedfalse informationfilesfiles domainfiles relatedfinancefinancial servicesfind sfoundryfrancegermanygoogle safeguardhostname addhostname enumerationhtmlhttp attackhttp scannerinclude reviewindicatorinformation gatheringingress tool transfermalicious linksmalicious softwaremalwaremedia centermovedmsiename serversnetherlandsnetworknetwork scanningnextnext associatednorth americapassive dnspersonal datapresent augpresent junpresent sepprocess injectionpulse pulsespulse submitpulsespulses otxransomreconnaissancerecord valueredacted forrelated tagsreputation damageresearchedreviewrussiascript domainsscript urlssearchsecure serverserver responseserversserviceshowingslcc2smear campaignsocial media abusespainstatusstop xsuggest1005t1030t1055t1071.001t1078t1105t1190t1204.001t1486t1499.001t1499.002t1534t1565t1566t1566.001t1589t1589.001t1592t1598titletitle addedtrojan malwaretwittertypeunitedunited statesunknown nsuny inuuueurlsurls showvirtoolweb securityweb trafficwindows ntwritewrite cxport

Activity Timeline

1 total obs
Aug 19Aug 19

Threat Activity Heatmap

· Peak: 2025-08-19
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **gslink.ca** has emerged as a significant indicator of compromise (IOC) linked to malware activities, with its first appearance noted on July

Threat ScoreLow Risk
15
SIGNAL
Signal Score
15%
Confidence
3
Reports
First seenJul 9, 2025
Last seenAug 19, 2025

VirusTotal

Not checked

WHOIS

registrar
MarkMonitor International Canada Ltd.
domain rank
-1
raw
Admin City: Vancouver Admin Country: CA Admin Email: [email protected] Admin Organization: Best Buy Canada Ltd. Admin Postal Code: V5Y1L3 Admin State/Province: BC Billing City: Meridian Billing Country: US Billing Email: [email protected] Billing Organization: MarkMonitor Inc. Billing Postal Code: 83646 Billing State/Province: ID Creation Date: 2019-04-04T18:33:22Z DNSSEC: unsigned Domain Name: gslink.ca Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Name Server: asia3.akam.net Name Server: eur1.akam.net Name Server: eur2.akam.net Name Server: ns1-118.akam.net Name Server: ns1-119.akam.net Name Server: usc2.akam.net Name Server: use1.akam.net Name Server: usw2.akam.net Registrant City: a29f17982a50abac Registrant Country: CA Registrant Email: [email protected] Registrant Fax Ext: 3432650ec337c945 Registrant Fax: 88933d162cd96205 Registrant Name: 439dbef761dd6729 Registrant Organization: 439dbef761dd6729 Registrant Phone Ext: 3432650ec337c945 Registrant Phone: 02a84901f1231a13 Registrant Postal Code: 4657bf3ecd4258ea Registrant State/Province: afbb7ef217327b2c Registrant Street: 26b66f5e37e8ca56 Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.2083895740 Registrar IANA ID: not applicable Registrar URL: Markmonitor.com Registrar WHOIS Server: whois.ca.fury.ca Registrar: MarkMonitor International Canada Ltd. Registry Admin ID: 16474269-CIRA Registry Billing ID: 73886904-CIRA Registry Domain ID: 74981487-CIRA Registry Expiry Date: 2026-04-04T18:33:22Z Registry Registrant ID: 21157818-CIRA Registry Tech ID: 16474269-CIRA Tech City: Vancouver Tech Country: CA Tech Email: [email protected] Tech Organization: Best Buy Canada Ltd. Tech Postal Code: V5Y1L3 Tech State/Province: BC Updated Date: 2024-03-03T09:34:25Z
subdomains count
1

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 11 months ago · Last seen 10 months ago
Appeared in 3 threat reports