DomainHighVerifiedSignal 100/100
gfmissions.org
Location
SingaporeFirst Seen
Oct 1, 2024
Last Seen
Feb 9, 2026
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
6 reports99% confidence
6
Source reports
99%
Confidence score
Category tags
accessadminbitbucketbitterbotnetbrbrand impersonationcloud storagecommand and controlcredential harvestingcsscustomdata exfiltrationdistributed attacksenterprise securityeverestexpressfashion & textilefilefinancefintechfraudgaminggithubglobalgroupshtmlhttphttpshudsonindexindicatorinfoinformation technologyipfsmalicious softwaremalwaremantismedia & entertainmentmediumnetworknola defensenorth americaoneonedrive phishing campaignpatch managementpaymentpdfphishingphishing attackphishing campaignphppidprocess injectionresearchedroyalscamscriptsingaporeslugsocial engineeringsoftware vulnerabilitiessurface webt1055t1071.001t1078t1078.004t1189t1192t1204.002t1486t1496t1499.002t1499.003t1534t1565t1566t1566.001t1566.002t1566.003twitterunited statesurlurl-based attackurlsvanuatuwindows
Activity Timeline
Feb 9Feb 9
Threat Activity Heatmap
· Peak: 2026-02-09LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated
The domain **gfmissions.org**, originating from Singapore, has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats. First observed on October
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
6
Reports
First seenOct 1, 2024
Last seenFeb 9, 2026
Verified IOC
VirusTotal
Not checked
WHOIS
- registrar
- GoDaddy.com, LLC
- description
- This page stores OneDrive phishing page IOCs. Legitimate website for the brand is https://onedrive.live.com/ NOLA defense is tracking newly observed phishing websites. Follow us on twitter https://twitter.com/noladefense
- domain rank
- -1
- raw
- Admin City: REDACTED Admin Country: REDACTED Admin Organization: REDACTED Admin Postal Code: REDACTED Admin State/Province: REDACTED Creation Date: 2021-12-31T01:44:02Z DNSSEC: unsigned Domain Name: gfmissions.org Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Name Server: ns37.domaincontrol.com Name Server: ns38.domaincontrol.com Registrant City: 3495bcf1839c6374 Registrant Country: US Registrant Email: fb6ff66ef97c0518s@ Registrant Fax Ext: 3495bcf1839c6374 Registrant Fax: 3495bcf1839c6374 Registrant Name: 3495bcf1839c6374 Registrant Organization: b46a98a26fe2fd9f Registrant Phone Ext: 3495bcf1839c6374 Registrant Phone: 3495bcf1839c6374 Registrant Postal Code: 3495bcf1839c6374 Registrant State/Province: 30bdd2917a604c83 Registrant Street: 3495bcf1839c6374 Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.4806242505 Registrar IANA ID: 146 Registrar URL: http://www.whois.godaddy.com Registrar WHOIS Server: http://whois.godaddy.com Registrar: GoDaddy.com, LLC Registry Admin ID: REDACTED Registry Domain ID: REDACTED Registry Expiry Date: 2025-12-31T01:44:02Z Registry Registrant ID: REDACTED Registry Tech ID: REDACTED Tech City: REDACTED Tech Country: REDACTED Tech Organization: REDACTED Tech Postal Code: REDACTED Tech State/Province: REDACTED Updated Date: 2025-02-14T01:44:48Z
- references
- https://www.virustotal.com/gui/collection/bc895dab30417f40d279c5c67a0c2e29068469291a1bd3a3bf22d237a04597a4
- subdomains count
- 6
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
highFirst detected 1 year ago · Last seen 4 months ago
Appeared in 6 threat reports