DomainMediumSignal 56/100
line-up.com.ar
Location
GermanyFirst Seen
Jan 26, 2024
Last Seen
Apr 18, 2026
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
12 reports56% confidence
12
Source reports
56%
Confidence score
Category tags
accessactive scanadminargentinaasiaattachment-basedattack-vectoraustriabbkbecbec attemptbettingbhutanblueskybotnetbotnet activitybrbrand impersonationbrute forcebusiness email compromisecanadachemical & pharmaceuticalcmscommand and controlconfigcredential harvestingcredential phishingcredential stuffingcredential theftcredential-harvestingcredential-theftcrypto currencycryptocurrencycssdata exfiltrationdata store exposuredelivery service scamdetailsdhldhl phishing campaigndistributed attacksdomaindomainsemail-based-attackemail-fraudemail-phishingexecutable fileexploitation activityexpressfake login pagefinancefintechfleet managementfrancefraudfreight servicesgaminggermanygithubglobalgroupshtmlhttphttpshungaryidentity & access exploitationimagesindexindicatorindicators-of-compromiseinfoinformation technologyinfrastructure acquisitionreconnaissanceinjection activityiot securityipfsirelanditalylink injectionlink redirectionmalicious attachmentmalicious linksmalicious softwaremalicious-attachmentmalicious-urlmalwaremalware deliverymalware distributionmaritime transportmedia & entertainmentmediummexicomobile threatnetnetworkpagepassenger transportationphishingphishing attackphishing campaignphishing domainsphishing indicatorsphishing sitephishing urlsphishing-databasephppioneerplpleskpolandprocess injectionragnarokrail transportransomwarerecaptcharesearchedretailromaniascamscams & fraudscriptshipping & logisticsslugsmssms phishingsocial engineeringsoftware publishersouth americaspamsupportsurface webt1055t1071.001t1071.004t1078t1078.004t1189t1192t1204t1204.001t1204.002t1486t1496t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1567.001t1583t1583.001t1587.001t1588t1588.002t1588.004t1590.001t1598t1598.003telecommunicationthreat actorthreat-actor: unknowntinymcetor nodetransportation and warehousingtransportation infrastructuretransportation technologytwitteruploadurgent requesturlurlsweb securitywebsitewebsite spoofing
Activity Timeline
Apr 18Apr 18
Threat Activity Heatmap
· Peak: 2026-04-18LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
The domain **line-up.com.ar** has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats, including botnets, malware, phishing, ransomware, and spam activities. First observed on January
Threat ScoreMedium Risk
56
SIGNAL
Signal Score
56%
Confidence
12
Reports
First seenJan 26, 2024
Last seenApr 18, 2026
VirusTotal
Not checked
WHOIS
- registrar
- nicar
- description
- This page stores DHL phishing page IOCs. Legitimate website for the brand is https://www.dhl.com/ NOLA defense is tracking newly observed phishing websites. Follow us on twitter https://twitter.com/noladefense
- domain rank
- -1
- raw
- changed: 2025-07-16 23:12:02.400356 changed: 2025-07-16 23:12:04.390931 created: 2019-06-30 21:52:42.070779 created: 2021-02-24 17:42:51.453525 domain: line-up.com.ar nserver: ns10.hostmar.com () nserver: ns9.hostmar.com () registered: 2020-06-16 09:09:38.525688 registrant: 99edf364980b0b02 registrar: nicar
- references
- https://www.virustotal.com/gui/collection/9e06470d30593e11c8daad2157e0d4ef1ccce47787e2b5303846704767c26d6a, https://malware-filter.gitlab.io/malware-filter/phishing-filter-domains.txt
- subdomains count
- 6
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 years ago · Last seen 2 months ago
Appeared in 12 threat reports