Domain · Medium · Signal 17/100
mvdsq.b17da333ec194ec4b767.d.requestbin.net
First Seen
Apr 13, 2025
Last Seen
May 10, 2025
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
17%
Signal Score
17 / 100
IDS Rule
No
Threat Context
Feed Intelligence Summary
Source reports: 2
Confidence score: 17%
Category tags
apt, apt group, botnet, c2, c2 infrastructure, command and control, data exfiltration, dga, distributed attacks, gravityrat, hex, indicator, indicators of compromise, infrastructure acquisition, reconnaissance, malicious software, malware, network, network communication, network traffic, process injection, rat, remote access trojan, researched, t1005, t1016, t1016.001, t1016.002, t1041, t1055, t1071, t1071.001, t1071.002, t1071.004, t1105, t1486, t1496, t1499.002, t1499.003, t1565, t1573, t1573.001, t1573.002, t1587.001, t1590.001
Activity Timeline
May 10
Threat Activity Heatmap
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Intelligence Summary (AI Generated)
The provided Indicator of Compromise (IOC) currently exhibits a low-risk profile, with a score of 17.1, placing it below the threshold typically associated with high-severity threats. Furthermore, the available threat activity timeline indicates an 'enrichment failed' event from a prominent threat intelligence source, suggesting a lack of corroborating evidence for active malicious behavior specific to this instance. Therefore, this IOC does not warrant immediate alarm or urgent containment acti…
Threat Score: Low Risk
Signal Score: 17
Confidence: 17%
Reports: 2
First seen: Apr 13, 2025
Last seen: May 10, 2025
VirusTotal
Not checked
WHOIS
- registrar: NameCheap, Inc.
- description: Command and Control domains for GravityRAT. These domains are extracted from a number of sources, and are suspicious.
- raw:
  Creation Date: 2018-03-26T16:43:31Z
  DNSSEC: unsigned
  Domain Name: REQUESTBIN.NET
  Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  Name Server: AMOS.NS.CLOUDFLARE.COM
  Name Server: NORAH.NS.CLOUDFLARE.COM
  Registrar Abuse Contact Email: [email protected]
  Registrar Abuse Contact Phone: +1.6613102107
  Registrar IANA ID: 1068
  Registrar URL: http://www.namecheap.com
  Registrar WHOIS Server: whois.namecheap.com
  Registrar: NameCheap, Inc.
  Registry Domain ID: 2243811660_DOMAIN_NET-VRSN
  Registry Expiry Date: 2026-03-26T16:43:31Z
  Updated Date: 2025-03-25T16:01:17Z
IOC Journey
medium · First detected 1 year ago · Last seen 1 year ago
Appeared in 2 threat reports