IOC Radar
Domain · Medium · Signal 45/100

americanexpressempresas.com

Location: United States
First Seen: Jul 18, 2024 (692d ago)
Last Seen: Jun 9, 2026 (yesterday)
Reports: 10 source reports
Confidence: 45% (medium)
VirusTotal: 12/91 detections
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 45%
Signal Score: 45 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 32 techniques

Feed Intelligence Summary

10 source reports · 45% confidence score
Category tags
account compromise, account discovery, account exploitation, account profiling, account takeover, active scan, american express, amex, apache geoip, backup exfiltration, banking, bec, brand impersonation, brute force, business email compromise, communication protocol, credential access, credential harvesting, credential phishing, credential stuffing, credential theft, credit card services, data exfiltration, data leakage, data store exposure, data theft, exploitation activity, fastly, finance, financial services, financial technology, form submission phishing, fraud, geoip, gmbh, google, http scanner, http/s, https, identity & access exploitation, indicator, information disclosure, infrastructure acquisitionreconnaissance, initial access, injection activity, ioc, lateral movement, link injection, link redirection, malicious attachment, malicious attachments, malicious link, malicious links, malicious software, malware, malware delivery, malware distribution, malware phishing, network, north america, payment processing, phishing, phishing activity, phishing attack, phishing-database, potential malware infection, process injection, researched, scam, scams & fraud, security operations, smtp, social engineering, t1003, t1055, t1059, t1071.001, t1078, t1078.003, t1110, t1189, t1190, t1192, t1204, t1204.001, t1204.002, t1213, t1486, t1499.002, t1534, t1539, t1547, t1555, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1567, t1567.001, t1587.001, t1590.001, t1598, t1598.003, threat actor, threat intelligence, united states, unknown threat group, urls, wealth management, web security, web traffic, website phishing, whaling attack

Activity Timeline

1 total obs (Jun 9)

Threat Activity Heatmap

[Heatmap: activity by weekday (Mon, Wed, Fri rows), Jun through Jun; scale Less to More]

24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

The domain **americanexpressempresas.com** has emerged as a significant indicator of compromise (IOC) associated with both malware and phishing activities. First observed on July

Threat Score: Medium Risk
Signal Score: 45
Confidence: 45%
Reports: 10
First seen: Jul 18, 2024
Last seen: Jun 9, 2026

VirusTotal

12/91 vendors flagged
13% detection rate · Jun 10, 2026

IOC Journey

medium
First detected 1 year ago · Last seen 1 day ago
Appeared in 10 threat reports