IOC Radar
Domain · High · Verified · Signal 36/100

frxvideos.com

Location: Canada
First Seen: Jan 2, 2024 (894d ago)
Last Seen: May 21, 2026 (25d ago)
Reports: 6 source reports
Confidence: 36% (high)
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 36%
Signal Score: 36 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

88 techniques

Feed Intelligence Summary

6 source reports · 36% confidence score
Category tags

Activity Timeline

1 total obs
May 21

Threat Activity Heatmap

Peak: 2026-05-21
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 36
Confidence: 36%
Reports: 6
First seen: Jan 2, 2024
Last seen: May 21, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

Domain rank: -1
Raw record:
Administrative email: [email protected]
Create date: 2024-09-28 00:00:00
Domain name: frxvideos.com
Domain registrar id: 1509
Domain registrar url: http://www.cosmotown.com
Expiry date: 2025-09-28 00:00:00
Name server 1: nick.ns1.redirns.com
Name server 2: beau.ns2.redirns.com
Query time: 2024-09-29 10:34:59
Registrant country: United States
Registrant email: [email protected]
Registrant state: 19de8114baf8fb43
Technical email: [email protected]
Update date: 2024-09-28 00:00:00
Subdomains count: 6

IOC Journey

high
First detected 2 years ago · Last seen 25 days ago
Appeared in 6 threat reports