IOC Radar
DomainMediumSignal 69/100

captiorweb.com

Location
BelarusBelarus
First Seen
Jan 26, 2026
Last Seen
Jun 7, 2026
Jan 26
First Seen
136d ago
Jun 7
Last Seen
4d ago
10
Reports
source reports
69%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

56 techniques

Feed Intelligence Summary

10 reports69% confidence
10
Source reports
69%
Confidence score
Category tags
abuseaccess controlaccount securityactiveactive scanactive scanningalienvault_ransomwareaptbackdoorbad reputationbelarusbitcoinblockchainbodybrute forcec2 infrastructurecaptchaclickfix malware campaigncode injectioncommand & controlcommand executioncommodity contracts intermediationcommunity managementcontentcontent sharingcredential harvestingcredential stuffingcredential theftcrypto exchangecrypto miningcrypto walletcryptocurrencycryptocurrency threatscryptojackingcyber campaigncybersecurity companyczechczech republicdata encryptiondata exfiltrationdata store exposuredecentralized financedestroylist_phishingdigital currencydigital platformsdrainerencryptioneuropeeurope/asiaexecutable fileexodusexploitation activityexposure assessment platformexposure managementextortionfake captchafinancefraudglasswormhtmlhtmlcsshungaryidentity & access exploitationimpure stealerindicatorinformation gatheringinformation stealerinfostealerinjection activityiociocsiot securityjavascript injectionloaderloader c2sloader malwaremalicious powershell activitymalicious softwaremalwaremanaged security solutionsmulti-vector threat campaignmustnetworknetwork probingoperating systemoperating system securityoperation camelclonephishingphishing attackpolandpolishprocess injectionpythonransomwarerapid7reconnaissanceremote accessresearchedresource hijackingscamscams & fraudscripting attackssecurity operationssecurity policyslovakiasocial analyticssocial engineeringsocial mediasocial media marketingsocial media reconnaissancesocial media securitysocial networkingstealcstealerswedenswedishsystem disruptiont1005t1021.001t1027t1027.002t1041t1055t1059t1059.001t1059.007t1069.001t1071t1071.001t1078t1086t1095t1102.001t1104t1105t1132.002t1133t1140t1189t1190t1204.001t1204.002t1486t1490t1496t1497.001t1497.003t1499.002t1539t1552t1555t1555.003t1565t1566t1566.001t1566.002t1566.003t1567.001t1571t1573.001t1583.001t1584.006t1587t1588t1588.001t1589t1592t1595t1595.001t1595.002t1595.003t1608.001t1608.004tengu ransomwarethreat actorthreat groupthreat intelligencethreat preventiontor nodeturkeyturkishtwitteruser engagementvidarvidar stealervodkastealervoid#geistweb exploitationweb-based malwarewordpress compromiseyarayara rule

Activity Timeline

1 total obs
Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain **captiorweb.com** has emerged as a significant indicator of compromise (IOC) linked to multiple cyber threats originating from Belarus. First observed on January

Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
10
Reports
First seenJan 26, 2026
Last seenJun 7, 2026

VirusTotal

Not checked

WHOIS

registrar
NameSilo, LLC
creation date
2026-01-18T18:40:11
expiration date
2027-01-18T18:40:11
updated date
2026-01-26T22:04:49
name servers
NS1.DNSOWL.COM, NS2.DNSOWL.COM, NS3.DNSOWL.COM
country
US
emails
[email protected], [email protected]
org
See PrivacyGuardian.org
status
client hold https://www.icann.org/epp#client hold, clientHold https://icann.org/epp#clientHold

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 months ago · Last seen 4 days ago
Appeared in 10 threat reports