IOC Radar
DomainHighVerifiedSignal 71/100

ess4nceofjuly.com

Location
United StatesUnited States
First Seen
Apr 14, 2026
Last Seen
May 31, 2026
Apr 14
First Seen
60d ago
May 31
Last Seen
13d ago
6
Reports
source reports
71%
Confidence
high
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

18 techniques

Feed Intelligence Summary

6 reports71% confidence
6
Source reports
71%
Confidence score
Category tags
base64 obfuscationdeerstealerdgaencryptionexploitation activityfake captchafileless executionindicatorinfostealernetworknorth americapowershellresearchedscams & fraudserver-side polymorphismt1005t1027t1027.002t1041t1055t1059.001t1070.004t1071.001t1082t1105t1112t1140t1204.001t1497t1539t1555t1555.003t1566.002threat actorunited statesvidarxor encryption

Activity Timeline

Threat Activity Heatmap

Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
6
Reports
First seenApr 14, 2026
Last seenMay 31, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

registrar
GoDaddy.com, LLC
domain rank
-1
raw
Creation Date: 2021-04-01T19:37:03Z DNSSEC: unsigned Domain Name: ESS4NCEOFJULY.COM Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Name Server: NS55.DOMAINCONTROL.COM Name Server: NS56.DOMAINCONTROL.COM Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: 480-624-2505 Registrar IANA ID: 146 Registrar URL: http://www.godaddy.com Registrar WHOIS Server: whois.godaddy.com Registrar: GoDaddy.com, LLC Registry Domain ID: 2602263458_DOMAIN_COM-VRSN Registry Expiry Date: 2027-04-01T19:37:03Z Updated Date: 2026-04-02T16:04:37Z
references
https://www.menlosecurity.com/blog/the-evolution-of-clickfix-from-cleartext-to-server-side-polymorphism
subdomains count
1

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 2 months ago · Last seen 13 days ago
Appeared in 6 threat reports