IOC Radar
DomainHighVerifiedSignal 64/100

ctgov.com-vipsv.win

First Seen
Apr 10, 2025
Last Seen
Apr 6, 2026
Apr 10
First Seen
431d ago
Apr 6
Last Seen
70d ago
5
Reports
source reports
64%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
64%
Signal Score
64 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

20 techniques

Feed Intelligence Summary

5 reports64% confidence
5
Source reports
64%
Confidence score
Category tags
botnetbotnet activitybrand impersonationbrute forcecommand and controlcredential harvestingcredential stuffingdata exfiltrationdata store exposuredeceptive contentdistributed attacksexploitation activityidentity & access exploitationindicatorinjection activitylink injectionmalicious domainsmalicious softwaremalwaremalware distributionnetworkphishingphishing attackphishing campaign detectedphishing campaign detectionprocess injectionresearchedsocial engineeringt1048t1055t1071t1071.001t1189t1192t1204t1204.001t1486t1496t1499.002t1499.003t1534t1565t1566t1566.001t1566.002t1566.003t1598t1598.003

Activity Timeline

1 total obs
Apr 6Apr 6

Threat Activity Heatmap

· Peak: 2026-04-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

The Indicator of Compromise (IOC) `ctgov.com-vipsv.win` represents a critical security concern, identified as a malicious domain with a significant threat score of 64.18 and a confirmed non-whitelisted status. This domain is primarily associated with phishing campaigns, posing a direct and severe risk of initial access for threat actors. If an organization's users interact with this domain, it could lead to credential harvesting, malware delivery, or other forms of social engineering, ultimately…

Threat ScoreMedium Risk
64
SIGNAL
Signal Score
64%
Confidence
5
Reports
First seenApr 10, 2025
Last seenApr 6, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

raw
Administrative city: REDACTED FOR PRIVACY Administrative country: REDACTED FOR PRIVACY Administrative state: REDACTED FOR PRIVACY Create date: 2025-04-07 00:00:00 Domain name: com-vipsv.win Domain registrar id: 3775 Domain registrar url: www.alibabacloud.com Expiry date: 2026-04-07 00:00:00 Name server 1: gloria.ns.cloudflare.com Name server 2: dax.ns.cloudflare.com Query time: 2025-04-08 11:09:54 Registrant city: 1f8f4166599d23ee Registrant company: 02df4c68cd74f322 Registrant country: United States Registrant email: 29e2c061f3c9524es@ Registrant fax: 31d1617d95c9a75c Registrant name: 1f8f4166599d23ee Registrant phone: 31d1617d95c9a75c Registrant state: 77ab92f1911d7c5f Registrant zip: 1f8f4166599d23ee Technical city: REDACTED FOR PRIVACY Technical country: REDACTED FOR PRIVACY Technical state: REDACTED FOR PRIVACY Update date: 2025-04-07 00:00:00

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 2 months ago
Appeared in 5 threat reports