DomainHighVerifiedSignal 64/100

`cpcalendars.mandole-mensan.com`

Location

United States

First Seen

Jul 8, 2025

Last Seen

Mar 21, 2026

Jul 8

First Seen

343d ago

Mar 21

Last Seen

87d ago

Reports

source reports

64%

Confidence

high

Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

64%

Signal Score

64 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

157 techniques

Feed Intelligence Summary

4 reports64% confidence

Source reports

64%

Confidence score

Category tags

abuseadvanced persistent threatamazonappleaptapt groupberbewbingbotnetcaretocivilcivil servicescivilian targetingcode injectioncommand and controlcommunication technologiescompromised routercredential harvestingcrimedata exfiltrationdata theftddos attacksdefense evasiondefense-evasiondistributed attacksdnselectronic health recordsencrypted connectionsendgameenterprise securityeu cyber policieseuropeexploitfirmware infectionfirmware modificationformbook stealergooglegovernment technologyhackershealth care and social assistancehealth information technologyhealthcare information systemshospital managementhtml smugglinghtml_smugglingindicatorinformation technologyingress tool transferintelligence agency surveillanceinternet of thingsiosios malwareiot botnetiot/ics attackit infrastructurejavalaw enforcement surveillancelazarus grouplinklinuxlinux malwaremacmalicious softwaremalwaremalware campaignmass surveillancemedical servicesmirai botnetmobilemobile carriersmobile malwaremobile networksmobile securitymobile spywarenetworknorth americansonso groupoperating systemparagonpatch managementpatient carepdfpdf exploitpegasuspegasus projectpeoplephishingphishing attackpoliceprocess injectionpublic administrationpublic infrastructurepublic policyregional securityregulatory agenciesremote accessremote access trojanresearchedsamsungsecurity operationsskynetsmssms exploitsocial engineeringsoftware developmentsoftware vulnerabilitiessonystatestate-promovedstate-sponsoredstealersupply chain attackt1001t1003t1003.001t1003.004t1004t1005t1011t1016t1018t1019t1020t1021.001t1021.006t1027t1036t1037t1037.003t1041t1053t1055t1055.001t1056t1059t1059.001t1059.004t1059.007t1062t1064t1068t1069.001t1070t1071t1071.001t1071.004t1076t1078t1078.004t1082t1084t1087t1088t1094t1105t1110t1113t1114.002t1130t1133t1156t1185t1187t1189t1190t1192t1193t1195t1199t1202t1204t1204.001t1204.002t1205t1210t1211t1212t1218.001t1485t1486t1490t1491t1495t1496t1497t1499.002t1499.003t1505t1529t1530t1539t1543t1546t1547t1552t1553t1553.003t1553.004t1555t1556t1557t1562t1563.002t1564t1565t1566t1566.001t1566.002t1566.003t1566.004t1567t1568t1569t1571t1573t1574t1578t1580t1583t1584t1585t1586t1587t1587.003t1588t1589t1590t1591t1592t1593t1594t1595t1596t1596.001t1596.004t1597t1598t1599t1600t1601t1602t1602.001t1602.002t1606t1608t1609t1610t1611t1612t1613t1614t1615t1619t1620t1621t1622t1647t1648t1649t1650t1651t1652t1653t1654t1656t1657t1659t1665t1666targeted spyware campaigntargeted-attackstelecom servicestelecommunicationsthreat intelligencetraffic maskingtrojan downloadertrojan malwareunited statesweb exploitationwindows malwarewixzero click exploitzero-day exploit

Activity Timeline

1 total obs

Mar 21Mar 21

Threat Activity Heatmap

· Peak: 2026-03-21

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

The domain **cpcalendars.mandole-mensan.com** has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats originating from the United States. First observed on July

Threat ScoreMedium Risk

SIGNAL

Signal Score

64%

Confidence

Reports

First seenJul 8, 2025

Last seenMar 21, 2026

Verified IOC

VirusTotal

Not checked

WHOIS

registrar: Hosting Concepts B.V. d/b/a Registrar.eu
description: Operation Endgame 2: Mass, permanent surveillance targeting civilians without warrants. Advanced tools infect devices via malicious links (WhatsApp/SMS/email) or PDFs with zero-day exploits. Clicking executes malware: Pegasus (Android/iOS) or Mirai (Linux/Windows), enrolling devices into a botnet. Infections are persistent, often replacing device/router firmware, requiring hardware changes. Malicious traffic hides via Google/Cloudflare DNS. Thousands of companies collaborate (Amazon, Google, Microsoft, Facebook, WhatsApp, Apple, etc.), providing servers, domains, and websites to mask attacks. This enables agencies to infect targets even when accessing legitimate services (e.g., logging into Amazon) if the browser is vulnerable. Attacks are targeted, evading firewalls, and expose private data, risking targets' physical safety. The operation involves multiple allied states.
raw: Admin City: REDACTED FOR PRIVACY Admin Country: REDACTED FOR PRIVACY Admin Organization: REDACTED FOR PRIVACY Admin Postal Code: REDACTED FOR PRIVACY Admin State/Province: REDACTED FOR PRIVACY Creation Date: 2010-06-18T10:15:17Z DNSSEC: unsigned Domain Name: MANDOLE-MENSAN.COM Domain Name: mandole-mensan.com Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: VIRT3482-2.UNELINK.NET Name Server: VIRT3482.UNELINK.NET Name Server: virt3482-2.unelink.net Name Server: virt3482.unelink.net Registrant City: 1f8f4166599d23ee Registrant Country: ES Registrant Email: 73adb106b8f92c1bs@ Registrant Fax Ext: 3432650ec337c945 Registrant Fax: 1f8f4166599d23ee Registrant Name: 1f8f4166599d23ee Registrant Organization: f9a86357a524f751 Registrant Phone Ext: 3432650ec337c945 Registrant Phone: 1f8f4166599d23ee Registrant Postal Code: 1f8f4166599d23ee Registrant State/Province: 4d907c82b34fe3a3 Registrant Street: 1f8f4166599d23ee Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +31.104482297 Registrar IANA ID: 1647 Registrar Registration Expiration Date: 2026-06-18T10:15:17Z Registrar URL: http://www.openprovider.com Registrar URL: https://www.registrar.eu Registrar WHOIS Server: whois.registrar.eu Registrar: Hosting Concepts B.V. d/b/a Registrar.eu Registry Admin ID: REDACTED FOR PRIVACY Registry Domain ID: 1602657593_DOMAIN_COM-VRSN Registry Expiry Date: 2026-06-18T10:15:17Z Registry Registrant ID: REDACTED FOR PRIVACY Registry Tech ID: REDACTED FOR PRIVACY Tech City: REDACTED FOR PRIVACY Tech Country: REDACTED FOR PRIVACY Tech Organization: REDACTED FOR PRIVACY Tech Postal Code: REDACTED FOR PRIVACY Tech State/Province: REDACTED FOR PRIVACY Updated Date: 2025-07-23T22:32:35Z Updated Date: 2025-07-24T00:32:35Z

`cpcalendars.mandole-mensan.com`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy