IOC Radar
Domain · Medium · Signal 49/100

mail.chemitek.co.in

Location
Turkey
First Seen
Dec 15, 2023 (914d ago)
Last Seen
Apr 23, 2026 (54d ago)
Reports
7 source reports
Confidence
49% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
49%
Signal Score
49 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Feed Intelligence Summary

Source reports
7
Confidence score
49%
Category tags
brute force, cert, credential harvesting, credential stuffing, identity & access exploitation, indicator, network, phishing, phishing attack, researched, social engineering, t1566.001, t1566.002, t1566.003, turkey

Activity Timeline

1 total obs
Apr 23

Threat Activity Heatmap

Peak: 2026-04-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score
Medium Risk
Signal Score
49
Confidence
49%
Reports
7
First seen
Dec 15, 2023
Last seen
Apr 23, 2026

VirusTotal

Not checked

WHOIS

registrar
Endurance Digital Domain Technology Private Limited
description
Command and Control domains for malware known as AgentTesla. These domains are extracted from malware sandbox reports using a Machine Learning model trained on a corpus of good and bad domains.
raw
Admin City: REDACTED FOR PRIVACY
Admin Country: REDACTED FOR PRIVACY
Admin Organization: REDACTED FOR PRIVACY
Admin Postal Code: REDACTED FOR PRIVACY
Admin State/Province: REDACTED FOR PRIVACY
Billing City: REDACTED FOR PRIVACY
Billing Country: REDACTED FOR PRIVACY
Billing Organization: REDACTED FOR PRIVACY
Billing Postal Code: REDACTED FOR PRIVACY
Billing State/Province: REDACTED FOR PRIVACY
Creation Date: 2009-10-03T04:05:28.467Z
DNSSEC: unsigned
Domain Name: chemitek.co.in
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: fasttreck.earth.orderbox-dns.com
Name Server: fasttreck.mars.orderbox-dns.com
Name Server: fasttreck.mercury.orderbox-dns.com
Name Server: fasttreck.venus.orderbox-dns.com
Registrant City: 1f8f4166599d23ee
Registrant Country: IN
Registrant Email: f651612a2f356ad3s@
Registrant Fax: 1f8f4166599d23ee
Registrant Name: 1f8f4166599d23ee
Registrant Organization: a11b88e01f167c9c
Registrant Phone: 1f8f4166599d23ee
Registrant Postal Code: 1f8f4166599d23ee
Registrant State/Province: 208311396288eec4
Registrant Street: 1f8f4166599d23ee
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.2013775952
Registrar IANA ID: 801217
Registrar URL: https://publicdomainregistry.com/
Registrar: Endurance Digital Domain Technology Private Limited
Registry Admin ID: REDACTED FOR PRIVACY
Registry Billing ID: REDACTED FOR PRIVACY
Registry Domain ID: D3815622-IN
Registry Expiry Date: 2026-10-03T04:05:28.467Z
Registry Registrant ID: REDACTED FOR PRIVACY
Registry Tech ID: REDACTED FOR PRIVACY
Tech City: REDACTED FOR PRIVACY
Tech Country: REDACTED FOR PRIVACY
Tech Organization: REDACTED FOR PRIVACY
Tech Postal Code: REDACTED FOR PRIVACY
Tech State/Province: REDACTED FOR PRIVACY
Updated Date: 2025-11-17T04:06:16.596Z

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 7 threat reports