IOC Radar
Domain · Medium · Signal 0/100

oast.pro

Location: Armenia
First Seen: Mar 3, 2025 (468d ago)
Last Seen: Mar 21, 2026 (85d ago)
Reports: 5 source reports
Confidence: 0% (medium)
VirusTotal: 12/91 detections
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Feed Intelligence Summary

5 reports · 0% confidence
Source reports: 5
Confidence score: 0%
Category tags: indicator, network, researched

Activity Timeline

1 total observation (Mar 21)

Threat Activity Heatmap

Peak: 2026-03-21
[Heatmap: activity by weekday, Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This indicator, `oast.pro`, has been extensively vetted and officially whitelisted by multiple reputable security intelligence services. Its extremely low-risk score of 0.0, combined with its whitelisted status, indicates that it is not associated with malicious activity. Therefore, its presence in threat intelligence feeds should not be a cause for concern or imply an active threat to organizational assets. This benign classification suggests that any observations of `oast.pro` within network t…

Threat Score: Low Risk
Signal Score: 0
Confidence: 0%
Reports: 5
First seen: Mar 3, 2025
Last seen: Mar 21, 2026

VirusTotal

12/91 vendors flagged
13% detection rate · Jun 7, 2026

WHOIS

registrar
GoDaddy.com, LLC
domain rank
-1
raw
Admin City: REDACTED
Admin Country: REDACTED
Admin Organization: REDACTED
Admin Postal Code: REDACTED
Admin State/Province: REDACTED
Creation Date: 2022-01-11T16:00:44Z
DNSSEC: unsigned
Domain Name: oast.pro
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: ns1.oast.pro
Name Server: ns2.oast.pro
Registrant City: 3495bcf1839c6374
Registrant Country: US
Registrant Email: fb6ff66ef97c0518s@
Registrant Fax Ext: 3495bcf1839c6374
Registrant Fax: 3495bcf1839c6374
Registrant Name: 3495bcf1839c6374
Registrant Organization: b46a98a26fe2fd9f
Registrant Phone Ext: 3495bcf1839c6374
Registrant Phone: 3495bcf1839c6374
Registrant Postal Code: 3495bcf1839c6374
Registrant State/Province: 30bdd2917a604c83
Registrant Street: 3495bcf1839c6374
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.4806242505
Registrar IANA ID: 146
Registrar URL: http://www.godaddy.com/domains/search.aspx?ci=8990
Registrar WHOIS Server: whois.godaddy.com
Registrar: GoDaddy.com, LLC
Registry Admin ID: REDACTED
Registry Domain ID: d44d9c3e28db4bcd8d0be5f406714ebb-DONUTS
Registry Expiry Date: 2026-01-11T16:00:44Z
Registry Registrant ID: REDACTED
Registry Tech ID: REDACTED
Tech City: REDACTED
Tech Country: REDACTED
Tech Organization: REDACTED
Tech Postal Code: REDACTED
Tech State/Province: REDACTED
Updated Date: 2025-02-25T16:00:58Z
references
https://chiraba.com:8443/hourly
https://www.microsoft.com/en-us/security/blog/2024/04/17/attackers-exploiting-new-critical-openmetadata-vulnerabilities-on-kubernetes-clusters/
https://securityintelligence.com/x-force/itg05-leverages-malware-arsenal/
https://thehackernews.com/2024/03/apt28-hacker-group-targeting-europe.html
https://thehackernews.com/2024/04/hackers-exploit-openmetadata-flaws-to.html
https://darktrace.com/blog/the-unknown-unknowns-post-exploitation-activities-of-ivanti-cs-ps-appliances
TI Advisory No_ESAF-SOC-TI-283-Update 1 Ivanti SSRF Zero-Day Exploited in Widespread Attacks.txt
https://www.deepwatch.com/labs/customer-advisory-adversaries-are-scanning-for-and-exploiting-text4shell-vulnerability-cve-2022-42889/
https://www.wordfence.com/blog/2022/10/threat-advisory-monitoring-cve-2022-42889-text4shell-exploit-attempts/
subdomains count
46807


IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 5 threat reports