DomainHighVerifiedSignal 91/100
sadgcada.com
Location
JapanFirst Seen
Jun 30, 2025
Last Seen
Aug 4, 2025
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
91%
Signal Score
91 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
5 reports91% confidence
5
Source reports
91%
Confidence score
Category tags
active scanningasiacredential harvestingdata aggregationindicatorjapannetworknetwork probingosint frameworkphishing attackprofile informationreconnaissanceresearchedsocial engineeringsocial media reconnaissancet1566.001t1566.002t1566.003t1589t1591t1593t1595t1595.001t1595.002t1595.003t1598twitteruser data
Activity Timeline
Aug 4Aug 4
Threat Activity Heatmap
· Peak: 2025-08-04LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
91
SIGNAL
Signal Score
91%
Confidence
5
Reports
First seenJun 30, 2025
Last seenAug 4, 2025
Verified IOC
VirusTotal
Not checked
WHOIS
- domain rank
- -1
- raw
- Create date: 2025-06-15 00:00:00 Domain name: sadgcada.com Domain registrar id: 3858 Domain registrar url: https://www.dnspod.com Expiry date: 2026-06-15 00:00:00 Query time: 2025-06-16 11:23:37 Update date: 2025-06-15 00:00:00
- references
- https://x.com/romonlyht/status/1939487686215217573, https://x.com/romonlyht/status/1939487689767846200, https://x.com/romonlyht/status/1939487688115229166, https://x.com/romonlyht/status/1939487900158378356, https://x.com/romonlyht/status/1939488441131250006, https://x.com/romonlyht/status/1939488443043910030, https://x.com/romonlyht/status/1939488444620964000, https://x.com/romonlyht/status/1939488656148123742, https://x.com/romonlyht/status/1939493263209300089, https://x.com/romonlyht/status/1939493265226789246, https://x.com/romonlyht/status/1939493767784038544, https://x.com/romonlyht/status/1939493769583489276, https://x.com/romonlyht/status/1939493771131109442, https://x.com/romonlyht/status/1939497517454164447, https://x.com/romonlyht/status/1939497519358316657, https://x.com/romonlyht/status/1939497521438748713, https://x.com/romonlyht/status/1939497523225427981, https://x.com/romonlyht/status/1939497525263905199, https://x.com/romonlyht/status/1939501275479171119, https://x.com/romonlyht/status/1939501277530239091, https://x.com/romonlyht/status/1939503492378636392, https://x.com/romonlyht/status/1939506052141347323, https://x.com/romonlyht/status/1939506056113373408, https://x.com/romonlyht/status/1939510321623994688, https://x.com/romonlyht/status/1939510323343749201, https://x.com/romonlyht/status/1939510657633943955, https://x.com/romonlyht/status/1939510655511670809, https://x.com/romonlyht/status/1939510880129241457, https://x.com/romonlyht/status/1939512836834943235, https://x.com/romonlyht/status/1939512842304274853, https://x.com/romonlyht/status/1939515896839766099, https://x.com/romonlyht/status/1939515898731368563, https://x.com/romonlyht/status/1939515900274921931, https://x.com/romonlyht/status/1939516566850408807, https://x.com/romonlyht/status/1939516565134921929, https://x.com/romonlyht/status/1939516570440720609, https://x.com/romonlyht/status/1939516568423276660, https://x.com/romonlyht/status/1939523508473856309, https://x.com/romonlyht/status/1939523510445216004, https://x.com/romonlyht/status/1939523890709147867, https://x.com/romonlyht/status/1939523898271506612, https://x.com/romonlyht/status/1939524185967243557, https://x.com/romonlyht/status/1939526575994908966, https://x.com/romonlyht/status/1939527017550303666, https://x.com/romonlyht/status/1939527019794252158, https://x.com/romonlyht/status/1939529846750855397, https://x.com/romonlyht/status/1939529848688676896, https://x.com/romonlyht/status/1939529850739650887
- subdomains count
- 2
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
highFirst detected 11 months ago · Last seen 10 months ago
Appeared in 5 threat reports