DomainHighVerifiedSignal 55/100

`ipapi.co`

First Seen

Jun 7, 2026

Last Seen

Jun 7, 2026

Jun 7

First Seen

4d ago

Jun 7

Last Seen

4d ago

Reports

source reports

75%

Confidence

high

0/91

VirusTotal

detections

Found in 1 report. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

75%

Signal Score

55 / 100

IDS Rule

Yes

Threat Context

Malware Families2

MMETA Stealer CCobalt Strike

Feed Intelligence Summary

1 report75% confidence

Cyber Press

5d ago

Malspam Campaign Uses DoubleClick Redirects to Deliver .NET Loader

5 IOCs in report

Activity Timeline

1 total obs

Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

Minimal

30d

Minimal

3mo

Minimal

Intelligence SummaryAI Generated

The domain **ipapi.co** has been identified as a critical indicator of compromise (IOC) associated with advanced persistent threat (APT) activities, specifically linked to the deployment of Cobalt Strike and META Stealer malware. Observed on June

Threat ScoreMedium Risk

SIGNAL

Signal Score

75%

Confidence

Reports

First seenJun 7, 2026

Last seenJun 7, 2026

Verified IOC

VirusTotal

0/ 91vendors flagged

0% detection rateJun 7, 2026

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

high

First detected 4 days ago · Last seen 4 days ago

Appeared in 1 threat report from 1 source

Used by malware: META Stealer, Cobalt Strike

ipapi.co

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`ipapi.co`