IOC Radar
Domain · Medium · Signal 33/100

hurdln.asia

Location
Netherlands
First Seen
Sep 12, 2025
Last Seen
Jun 11, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 33%
Signal Score: 33 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 46 techniques

Feed Intelligence Summary

Category tags
access attempts, active scan, active scanning, apt, authentication abuse, authentication attack, authentication attempts, authentication failure, bad reputation, blacklisted hash, blacklisted ip address, brute force, brute force attack, brute force attempt, cloud infrastructure, code execution, command and control, command execution, communication protocol, compromised host, compromised system, credential access, credential brute forcing, credential stuffing, data encryption, data exfiltration, data store exposure, ddos, denial of service, dns, dns attack, encryption, enumeration, eu cyber policies, eu economy, europe, european union politics, exfiltration, exploit attempt, exploitation, exploitation activity, exploitation attempts, exploitation of privilege, extortion, fin scan, financial motivation, firewall alert, ftp, ftp brute force, hash, http brute force, http scanner, https, identity & access exploitation, indicator, initial access, injection activity, intrusion detection, ioc, iot security, lateral movement, login attack, login attempt, malicious communication blocked, malicious ip blocking, malicious login attempts, malicious software, malware, malware communication, netherlands, network, network activity, network attacks, network enumeration, network intrusion, network intrusion attempt, network intrusion attempts, network intrusion detection, network probe, network probing, network protocol, network reconnaissance, network scan, network scanning, network security, network service scanning, network traffic, null scan, os credential dumping, password attack, password attacks, passwordattack, phishing, possible ddos preparation, possible distributed attack, possible malicious activity, potential breach, potential exploit targeting, process injection, protocol exploitation, ransomware, reconnaissance, reconnaissance activity, referendum analysis, regional security, remote access, remote access attempts, remote services, researched, resource development, scanner, security operations, self-signed, service discovery, service scan, smb brute force, smb scanning, smtp brute force, software exploitation, ssh attack, syn scan, system discovery, system disruption, t1003, t1016, t1018, t1021, t1021.001, t1021.002, t1027, t1040, t1046, t1047, t1053, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1076, t1077, t1078, t1083, t1087, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1486, t1490, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566, t1573, t1589, t1589.002, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, tcp scan, tcp scanning, telnet threat, tftp brute force, threat actor, threat intelligence, tor node, udp scan, unauthorized access attempts, unauthorized login attempts, unidentified malware, valid accounts, web traffic, xamzexpires300, xmas scan

Activity Timeline

1 total obs (Jun 11)

Threat Activity Heatmap

[Heatmap: weekly activity, Jun through Jun]
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain hurdln.asia has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats, including malware, phishing, ransomware, and scanning activities. Originating from the Netherlands, this malicious domain has been active from September

Threat Score: Low Risk
Signal Score: 33
Confidence: 33%
Reports: 9
First seen: Sep 12, 2025
Last seen: Jun 11, 2026

VirusTotal

Not checked

WHOIS

domain rank: -1
raw:
  Administrative city: REDACTED
  Administrative country: REDACTED
  Administrative state: REDACTED
  Create date: 2025-09-09 00:00:00
  Domain name: hurdln.asia
  Domain regisrar id: 472
  Domain registrar url: http://dynadot.com
  Expiry date: 2026-09-09 00:00:00
  Name server 1: ns1.dyna-ns.net
  Name server 2: ns2.dyna-ns.net
  Query time: 2025-09-10 09:16:13
  Registrant city: 3495bcf1839c6374
  Registrant company: 473daf17453d83cd
  Registrant country: United States
  Registrant email: fb6ff66ef97c0518s@
  Registrant fax: 3495bcf1839c6374
  Registrant name: 3495bcf1839c6374
  Registrant phone: 3495bcf1839c6374
  Registrant state: 77ab92f1911d7c5f
  Registrant zip: 3495bcf1839c6374
  Technical city: REDACTED
  Technical country: REDACTED
  Technical state: REDACTED
  Update date: 2025-09-09 00:00:00
references:
  https://x.com/skocherhan/status/1967767430840848497
  https://x.com/skocherhan/status/1967822269587284001
  https://x.com/skocherhan/status/1967844396960972963
  https://x.com/skocherhan/status/1967845644292546844
  https://x.com/skocherhan/status/1967887819290136899
  https://x.com/skocherhan/status/1967889109860352032
  https://x.com/skocherhan/status/1967978837373039098
  https://x.com/skocherhan/status/1968067462064464049
subdomains count: 0
