DomainMediumSignal 83/100
covid19questionnaire.freesite.vip
First Seen
Oct 29, 2024
Last Seen
Feb 25, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
83%
Signal Score
83 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
9 reports83% confidence
9
Source reports
83%
Confidence score
Category tags
accessactive scanningactorsandroidbackdoorboombotnetbrute forcecmdcodecommand and controlcommunication protocolconnectcovid19coyotecredential accesscredential stuffingcritical infrastructurecsscyber securitydata encryptiondata exfiltrationdatabase securitydenial of servicedistributed attacksdropperemailexploitfilefilesfinftpftp brute forcegdriveglobalgroupshttphttp brute forcehttp scannerhttpsindicatorinfoinformation technologyinitial accessinjection attacksintrusion detectioniociocsirgclabslateral movementmalicious softwaremalwaremedia & entertainmentmsinetnetworknetwork attacksnetwork intrusionnetwork probingnetwork protocolnetwork scanningnetwork securityngrokonephishingprocess injectionreconnaissanceremote accessremote servicesresearchedscannerscriptself-signedslugssh attackstealersummitsupportsurface websynt1021t1021.001t1021.002t1040t1055t1059t1059.003t1059.004t1059.005t1071.001t1076t1077t1110t1110.001t1110.002t1110.003t1189t1190t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1589t1589.002t1590t1590.001t1590.002t1590.003t1590.004t1592t1592.001t1592.002t1592.003t1595t1595.001t1595.002t1595.003tcp protocolthreat intelligencetopunauthorized access attemptunixurlweb loginweb trafficwebsitewindowsxmasyara
Activity Timeline
Feb 25Feb 25
Threat Activity Heatmap
· Peak: 2026-02-25LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
83
SIGNAL
Signal Score
83%
Confidence
9
Reports
First seenOct 29, 2024
Last seenFeb 25, 2026
VirusTotal
Not checked
WHOIS
- registrar
- NameCheap, Inc.
- description
- This is a pulse created to house CND internal IOCs that we want to monitor, please add title to explain what the IOC and a further description of if this is needed.
- raw
- Creation Date: 2019-07-25T16:19:22Z DNSSEC: unsigned Domain Name: freesite.vip Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: ns1.fp261.parklogic.com Name Server: ns2.fp261.parklogic.com Registrant City: 1f8f4166599d23ee Registrant Country: IS Registrant Email: f651612a2f356ad3s@ Registrant Fax Ext: 1f8f4166599d23ee Registrant Fax: 1f8f4166599d23ee Registrant Name: 1f8f4166599d23ee Registrant Organization: 4b7a0912c26a13e2 Registrant Phone Ext: 1f8f4166599d23ee Registrant Phone: 1f8f4166599d23ee Registrant Postal Code: 1f8f4166599d23ee Registrant State/Province: 3e0204199d8ebf9c Registrant Street: 1f8f4166599d23ee Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.6613102107 Registrar IANA ID: 1068 Registrar URL: http://www.namecheap.com Registrar WHOIS Server: whois.namecheap.com Registrar: NameCheap, Inc. Registry Domain ID: REDACTED FOR PRIVACY Registry Expiry Date: 2026-07-25T16:19:22Z Registry Registrant ID: REDACTED FOR PRIVACY Registry Tech ID: REDACTED FOR PRIVACY Tech City: REDACTED FOR PRIVACY Tech Country: REDACTED FOR PRIVACY Tech Organization: REDACTED FOR PRIVACY Tech Postal Code: REDACTED FOR PRIVACY Tech State/Province: REDACTED FOR PRIVACY Updated Date: 2025-07-02T07:07:22Z
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 3 months ago
Appeared in 9 threat reports