IOC Radar
Domain · High · Verified · Signal 41/100

bluemountcapital.cn

Location: Hong Kong
First Seen: Sep 16, 2025 (268d ago)
Last Seen: Jun 8, 2026 (2d ago)
Reports: 6 source reports
Confidence: 41% (high)
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 41%
Signal Score: 41 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

31 techniques

Feed Intelligence Summary

6 reports · 41% confidence
Category tags
account compromise, active scan, active scanning, asia, attachment phishing, attachment-based attack, bec, brand impersonation, brute force, business email compromise, communication protocol, credential harvesting, credential phishing, credential stuffing, credential theft, credential-harvesting, credential_harvesting, data exfiltration, data store exposure, email-phishing, exploitation activity, finance, fraud, hong kong, http scanner, https, identity & access exploitation, indicator, indicators of compromise, infrastructure acquisitionreconnaissance, initial access, injection activity, ioc, ip-address, link injection, link-based attack, malicious attachment, malicious domain, malicious links, malicious software, malicious_url, malware, malware delivery, malware distribution, network, network probing, phishing, phishing attack, phishing campaign, phishing domain activity, phishing url, phishing-campaign, phishing-database, phishing_attack, process injection, ransomware, ransomware vector, reconnaissance, researched, scams & fraud, security operations, smtp, social engineering, social engineering attack, spear-phishing, spearphishing, supply chain attack, suspicious-url, t1055, t1059.001, t1071, t1071.001, t1071.004, t1078, t1078.001, t1189, t1190, t1192, t1204, t1204.001, t1204.002, t1486, t1499.002, t1534, t1552, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1567.001, t1587.001, t1590.001, t1595.001, t1595.002, t1595.003, t1598, t1598.003, threat indicators, threat intelligence, threat-intelligence, tor node, typosquatting, web security, web traffic

Activity Timeline

1 total obs
Jun 8

Threat Activity Heatmap

[Heatmap: activity by weekday, Jun through Jun]
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain **bluemountcapital.cn**, originating from Hong Kong, has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats. First observed on September

Threat Score: Medium Risk
Signal Score: 41
Confidence: 41%
Reports: 6
First seen: Sep 16, 2025
Last seen: Jun 8, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description: LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
domain rank: -1
raw:
DNSSEC: unsigned
Domain Name: bluemountcapital.cn
Domain Status: ok
Expiration Time: 2027-07-26 12:18:14
Name Server: ns1.hongkongserver.net
Name Server: ns2.hongkongserver.net
Name Server: ns3.hongkongserver.net
Name Server: ns4.hongkongserver.net
Name Server: ns5.hongkongserver.net
Name Server: ns6.hongkongserver.net
Registrant Contact Email: [email protected]
Registrant: 02a8c586552d835f
Registration Time: 2016-07-26 12:18:14
Sponsoring Registrar: Dreamscape Networks International Pte Ltd
subdomains count: 7

IOC Journey

high
First detected 8 months ago · Last seen 2 days ago
Appeared in 6 threat reports