IOC Radar
DomainHighVerifiedSignal 30/100

keepasses.com

Location
United StatesUnited States
First Seen
Apr 23, 2026
Last Seen
Apr 30, 2026
Apr 23
First Seen
52d ago
Apr 30
Last Seen
45d ago
5
Reports
source reports
30%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
30%
Signal Score
30 / 100
IDS Rule
No
Threat Context
Tags

Feed Intelligence Summary

5 reports30% confidence
5
Source reports
30%
Confidence score
Category tags
abusealienvault_ransomwarebad reputationcrimson palaceindicatornetworknorth americaransomwareresearchedunited states

Activity Timeline

1 total obs
Apr 30Apr 30

Threat Activity Heatmap

· Peak: 2026-04-30
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
30
SIGNAL
Signal Score
30%
Confidence
5
Reports
First seenApr 23, 2026
Last seenApr 30, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
These CrimsonPalace indicators were identified by pivoting on the pulse referenced below. Contact us at merc922 at y---- dot com.
domain rank
-1
raw
Administrative city: Phoenix Administrative country: United States Administrative email: [email protected] Administrative state: AZ Create date: 2022-10-18 00:00:00 Domain name: keepasses.com Domain registrar id: 1479.0 Domain registrar url: whois.namesilo.com Expiry date: 2026-10-18 00:00:00 Name server 1: NS1.DNSOWL.COM Name server 2: NS2.DNSOWL.COM Name server 3: NS3.DNSOWL.COM Query time: 2026-03-09 19:50:43 Registrant address: 4450dc66882e5a1e Registrant city: 7a96e04d2a2490b3 Registrant company: 6c109e8eed83f43c Registrant country: United States Registrant email: [email protected] Registrant name: d2ee087975a4ad8c Registrant phone: ae3ea006f3cca5c3 Registrant state: e1c7c1911395a3cf Registrant zip: c692e0cb8851b160 Technical city: Phoenix Technical country: United States Technical email: [email protected] Technical state: AZ Update date: 2026-03-07 00:00:00
subdomains count
1

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 5 threat reports