IOC Radar
Domain · Medium · Signal 42/100

igcreativeservice.com

First Seen: Nov 28, 2024 (570d ago)
Last Seen: Apr 28, 2026 (54d ago)
Reports: 7 source reports
Confidence: 42% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 42%
Signal Score: 42 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

86 techniques

Feed Intelligence Summary

Source reports: 7
Confidence score: 42%
Category tags

Activity Timeline

1 total obs · Apr 28 to Apr 28

Threat Activity Heatmap

Peak: 2026-04-28
[Heatmap: activity by weekday (Mon, Wed, Fri) across months Jun through Jun; legend Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 42
Confidence: 42%
Reports: 7
First seen: Nov 28, 2024
Last seen: Apr 28, 2026

VirusTotal

Not checked

WHOIS

domain rank: -1
raw:
Administrative city: Scottsdale
Administrative country: United States
Administrative email: [email protected]
Administrative state: Arizona
Create date: 2021-06-08
Domain name: igcreativeservice.com
Domain registrar id: 440
Domain registrar url: http://www.wildwestdomains.com
Expiry date: 2022-06-08
Query time: 2021-06-11 17:20:15
Registrant address: d842e1180c1ae9dc
Registrant city: d2a3609a8272ac9e
Registrant company: dca294b01da69ec0
Registrant country: United States
Registrant email: [email protected]
Registrant fax: 098c0db02af05f35
Registrant name: f682fca07d92e847
Registrant phone: d6678cdf8b3138f8
Registrant state: eb9bfdd74f82a0bf
Registrant zip: eac2647fc01296b2
Technical city: Scottsdale
Technical country: United States
Technical email: [email protected]
Technical state: Arizona
Update date: 2021-06-08
references: https://labs.inquest.net/iocdb
subdomains count: 1


IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 7 threat reports