IOC Radar
DomainMediumSignal 100/100

collector.centralgoogle.com

Location
SpainSpain
First Seen
Oct 2, 2021
Last Seen
Feb 19, 2026
Oct 2
First Seen
1723d ago
Feb 19
Last Seen
123d ago
8
Reports
source reports
99%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

21 techniques

Feed Intelligence Summary

8 reports99% confidence
8
Source reports
99%
Confidence score
Category tags
abuseaccount discoveryaccount profilingaccount takeoveralienvault_ransomwareapi abuseasiaauthentication bypassauthentication flawbloat-abotnetcanadachinacommand and controlcredential accesscredential harvestingcredential theftcryptographydata breachdata exfiltrationdigital certificatedigital signaturedistributed attackse-signature securityeuropeindicatorinfrastructure acquisitionreconnaissancejapanmalicious softwaremalwaremalware signingmanualnetworknorth americaphishing attackprocess injectionprotocol-deviresearchedsocial engineeringsoftware integrityspaint1055t1071.001t1078t1110t1189t1190t1486t1496t1499.002t1499.003t1539t1554.001t1554.003t1555t1565t1566.001t1566.002t1566.003t1567t1587.001t1590.001united statesw32.bloat-a

Activity Timeline

1 total obs
Feb 19Feb 19

Threat Activity Heatmap

· Peak: 2026-02-19
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **collector.centralgoogle.com** has been identified as a significant indicator of compromise (IOC) associated with botnet and malware activities. Originating from Spain, this malicious domain first appeared in threat intelligence reports on October

Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
8
Reports
First seenOct 2, 2021
Last seenFeb 19, 2026

VirusTotal

Not checked

WHOIS

registrar
MarkMonitor, Inc.
creation date
2020-01-08T02:37:32
expiration date
2027-01-08T02:37:32
updated date
2025-12-07T10:38:33
name servers
NS1.GOOGLEDOMAINS.COM, NS2.GOOGLEDOMAINS.COM, NS3.GOOGLEDOMAINS.COM, NS4.GOOGLEDOMAINS.COM
country
US
emails
[email protected], [email protected]
org
Google LLC
status
clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited), clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited, clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited), clientTransferProhibited https://icann.org/epp#clientTransferProhibited, clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited), clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 4 months ago
Appeared in 8 threat reports