IOC Radar
DomainMediumSignal 44/100

ezpass.com-epvq.win

First Seen
Apr 10, 2025
Last Seen
Mar 9, 2026
Apr 10
First Seen
430d ago
Mar 9
Last Seen
96d ago
7
Reports
source reports
44%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

23 techniques

Feed Intelligence Summary

7 reports44% confidence
7
Source reports
44%
Confidence score
Category tags
account discoveryaccount profilingaccount takeoverattachment phishingbecbec attackbrand impersonationcredential accesscredential harvestingcredential phishingcredential theftcredential_theftdata exfiltrationdgaemail-based attacksindicatorinfrastructure acquisitionreconnaissancelink injectionlink redirectionmalicious attachmentmalicious linksmalicious softwaremalwaremalware attachmentmalware deliverymalware distributionmalware phishingnetworkphishingphishing attackphishing campaign detectionphishing-databaseprocess injectionresearchedsocial engineeringsocial engineering attackt1027t1055t1071.001t1078t1078.004t1189t1192t1204t1204.001t1486t1534t1552.001t1565t1566t1566.001t1566.002t1566.003t1566.004t1567t1587.001t1590.001t1598t1598.003targeted phishingthreat actor activityweb securitywebsite spoofing

Activity Timeline

1 total obs
Mar 9Mar 9

Threat Activity Heatmap

· Peak: 2026-03-09
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
7
Reports
First seenApr 10, 2025
Last seenMar 9, 2026

VirusTotal

Not checked

WHOIS

registrar
Dominet (HK) Limited
creation date
2025-04-07T09:24:03
expiration date
2026-04-07T09:24:03
updated date
2026-04-08T10:00:29
name servers
expirens3.hichina.com, expirens4.hichina.com
country
US
emails
[email protected]
org
monique santiago
status
clientHold https://icann.org/epp#clientHold, clientTransferProhibited https://icann.org/epp#clientTransferProhibited, clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited, pendingDelete https://icann.org/epp#pendingDelete, redemptionPeriod https://icann.org/epp#redemptionPeriod, serverHold https://icann.org/epp#serverHold

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 7 threat reports