IOC Radar
DomainMediumSignal 0/100

educat-apresentacao-sesc-api.educat.net.br

First Seen
Jul 8, 2025
Last Seen
Jul 9, 2025
Jul 8
First Seen
337d ago
Jul 9
Last Seen
337d ago
2
Reports
source reports
0%
Confidence
medium
1/91
VirusTotal
detections
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Feed Intelligence Summary

2 reports0% confidence
2
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched

Activity Timeline

1 total obs
Jul 9Jul 9

Threat Activity Heatmap

· Peak: 2025-07-09
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **educat-apresentacao-sesc-api.educat.net.br** has emerged as a significant indicator of compromise (IOC) in recent threat intelligence reports, first observed on July

Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
2
Reports
First seenJul 8, 2025
Last seenJul 9, 2025

VirusTotal

1/ 91vendors flagged
1% detection rateJun 8, 2026

WHOIS

description
Operation Endgame: Mass, permanent surveillance targeting civilians without warrants. Advanced tools infect devices via malicious links (WhatsApp/SMS/email) or PDFs with zero-day exploits. Clicking executes malware: Pegasus (Android/iOS) or **Mirai** (Linux/Windows), enrolling devices into a botnet. Infections are persistent, often replacing device/router firmware, requiring hardware changes. Malicious traffic hides via Google/Cloudflare DNS. Thousands of companies collaborate (Amazon, Google, Microsoft, Facebook, WhatsApp, Apple, etc.), providing servers, domains, and websites to mask attacks. This enables agencies to infect targets even when accessing legitimate services (e.g., logging into Amazon) if the browser is vulnerable. Attacks are targeted, evading firewalls, and expose private data, risking targets' physical safety. The operation involves multiple allied states.
raw
changed: 20200405 changed: 20210801 country: BR created: 19980310 created: 20150816 #14556424 domain: educat.net.br e-mail: [email protected] expires: 20310816 nic-hdl-br: PRA13 nserver: ns-1060.awsdns-04.org nserver: ns-282.awsdns-35.com status: published

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 11 months ago · Last seen 11 months ago
Appeared in 2 threat reports