DomainHighVerifiedSignal 47/100

`405kk.com`

Location

Spain

First Seen

Jan 26, 2026

Last Seen

Jan 26, 2026

Jan 26

First Seen

147d ago

Jan 26

Last Seen

147d ago

Reports

source reports

47%

Confidence

high

Found in 3 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

47%

Signal Score

47 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

52 techniques

Feed Intelligence Summary

3 reports47% confidence

Source reports

47%

Confidence score

Category tags

abuseacceptalienvault_ransomwareamsi streamsascii textasiaautoitautoit errorautoit pausedbackdoorbad trafficbotnetca issuerscanadacapecheckincivil servicesck idck matrixcloud computingcloud migrationcloud securitycloud servicescloud storagecommandcommand and controlcontacted hostscountrycredential harvestingcredential theftcustomer experiencedata accessdata copyingdata exfiltrationdata transferdata uploaddefense evasiondeletedigital commercedigital marketplacedistributed attacksdiv divdomains iie-commercee-commerce platformemailsencrypterroret infoeuropefailurefilesfiles amsiflagfor privacyformformbook cncfoundfoundryfranceget naglobalgovernment technologyh6 divhandles moduleshellohello apihighhostname enumerationhrefhttp attackhybridids detecindicatorinformation gatheringinfrastructure acquisitionreconnaissanceingress tool transferinitial accessinput validation bypassiosipv4ipv4 addjapanlearnlocallookmacosmalicious linksmalicious softwaremalwaremarkmonitormaskmetadata analysismitre attmodules filesmovedmulti-cloud managementname servername serversname tacticsnetherlandsnetworknetwork scanningnetwork trafficnetwork traffic analysisnext associatednlnorth americaonline paymentonline retailonline shoppingonloadopenurl coverview dnspassive dnspath filehandlepath traversalpattern matchphishingphishing attackpresent decpresent janpresent julpresent octpresent sepprocess detailsprocess injectionprojectprotectpublic administrationpublic infrastructurepublic policyq.vashti pulsereconnaissancerecord valuerefreshregulatory agenciesremote accessreport uidrequests domainresearchedrestartrootrootkitscript scriptse referensearchserversshowingsizesocial engineeringsocial media securityspainspanspawnsssl certificatestarfieldstatusstreamsstringst1005t1014t1016t1016.001t1027t1030t1055t1057t1059t1069t1069.002t1071t1071.001t1071.004t1078.004t1083t1105t1113t1115t1116t1133t1140t1189t1190t1204t1204.001t1480t1486t1496t1499.002t1499.003t1553t1553.002t1562t1562.001t1565t1566t1566.001t1566.002t1566.003t1568t1568.002t1583t1583.001t1583.004t1584.003t1584.005t1587.001t1589.001t1590t1590.001t1598titletls handshaketoolstrojan malwaretrojanspytwitterunitedunited statesunknown nsurlsvercel xverifyviewsize c9000viewsize d5000web application exploitationweb securitywindirwriteyara rule

Activity Timeline

1 total obs

Jan 26Jan 26

Threat Activity Heatmap

· Peak: 2026-01-26

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Threat ScoreMedium Risk

SIGNAL

Signal Score

47%

Confidence

Reports

First seenJan 26, 2026

Last seenJan 26, 2026

Verified IOC

VirusTotal

Not checked

WHOIS

registrar: NAMECHEAP INC
creation date: 2022-09-13T00:13:14
expiration date: 2026-09-13T00:13:14
updated date: 2026-03-27T12:25:43
name servers: NS01.405KK.COM, NS11.405KK.COM, NS21.405KK.COM
country: IS
emails: [email protected], [email protected]
org: Privacy service provided by Withheld for Privacy ehf
status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited, transferPeriod https://icann.org/epp#transferPeriod

`405kk.com`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey