IOC Radar
Domain · High · Verified · Signal 71/100

ddos.rondoavenueinc.org

First Seen: Apr 16, 2026
Last Seen: Apr 23, 2026
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Type: Domain Name. Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 71%
Signal Score: 71 / 100
IDS Rule: No
Threat Context
Tags

Feed Intelligence Summary

Source reports: 5
Confidence score: 71%
Category tags: indicator, network, researched

Activity Timeline

1 total observation (Apr 23)

Threat Activity Heatmap

Peak: 2026-04-23
[Heatmap: activity by weekday (rows) and month (columns), Jun to Jun; legend Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain `ddos.rondoavenueinc.org` has been identified as a critical Indicator of Compromise (IOC), pointing towards active malicious infrastructure potentially involved in command and control (C2) operations for various malware families, including AsyncRat and DCRAT. Its high-risk score of 71.27, coupled with its presence across multiple reputable threat intelligence feeds such as Cyber Threat Alliance (CTA) Premium and AlienVault OTX, underscores the severe threat it poses. Compromise involv…

Threat Score: High Risk
Signal Score: 71
Confidence: 71%
Reports: 5
First seen: Apr 16, 2026
Last seen: Apr 23, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
Command and Control domains for Win32.TrojanDonwloader.DCRAT. These domains are extracted from a number of sources, and are suspicious.
raw
Administrative city: Redacted for Privacy Purposes
Administrative country: United States
Administrative state: Redacted for Privacy Purposes
Create date: 2012-12-07 00:00:00
Domain name: rondoavenueinc.org
Domain registrar id: 1068.0
Domain registrar url: whois.namecheap.com
Expiry date: 2026-12-07 00:00:00
Name server 1: dns1.registrar-servers.com
Name server 2: dns2.registrar-servers.com
Query time: 2026-01-16 11:19:09
Registrant address: 3b5f76ecd769308f
Registrant city: 3b5f76ecd769308f
Registrant company: 3b5f76ecd769308f
Registrant country: Philippines
Registrant name: 3b5f76ecd769308f
Registrant state: e1a13ff8c8552296
Registrant zip: 3b5f76ecd769308f
Technical city: Redacted for Privacy Purposes
Technical country: United States
Technical state: Redacted for Privacy Purposes
Update date: 2026-01-14 00:00:00

