IOC Radar
Domain · Medium · Signal 35/100

rakuten.co.jp.rakutenajp.xyz

First Seen: Jan 18, 2022 (1609d ago)
Last Seen: Jun 5, 2026 (10d ago)
Reports: 6 source reports
Confidence: 35% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 35%
Signal Score: 35 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

29 techniques

Feed Intelligence Summary

6 source reports · 35% confidence score
Category tags: abuse, abuse report, active scan, attachment phishing, bad reputation, bec, botnet, botnet activity, brand abuse, brand impersonation, brute force, business email compromise, command and control, credential harvesting, credential phishing, credential stuffing, credential theft, credential_theft, data exfiltration, data store exposure, deceptive marketing, deceptive practices, distributed attacks, exploitation activity, form submission, fraudulent website, identity & access exploitation, indicator, infrastructure acquisitionreconnaissance, ingress tool transfer, initial access, injection activity, iot security, link injection, link redirection, link spoofing, malicious download, malicious link, malicious links, malicious software, malware, malware delivery, malware distribution, malware hosting, network, phishing, phishing attack, phishing campaign, phishing domain detection, phishing kit, phishing-database, process injection, researched, rogue domain, scams & fraud, social engineering, social engineering attack, social engineering tactics, spam, spam campaign, supply chain attack, t1055, t1071, t1071.001, t1078, t1105, t1189, t1192, t1204, t1204.001, t1486, t1496, t1499.002, t1499.003, t1534, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1568, t1583, t1583.001, t1587.001, t1588, t1588.002, t1590.001, t1598, t1598.003, threat_intelligence, typosquatting, web security

Activity Timeline

1 total obs · Jun 5 to Jun 5

Threat Activity Heatmap

Peak: 2026-06-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

The domain rakuten.co.jp.rakutenajp.xyz has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats, including botnet activity, malware distribution, phishing campaigns, and spam operations. First observed on January

Threat Score: Low Risk
Signal Score: 35
Confidence: 35%
Reports: 6
First seen: Jan 18, 2022
Last seen: Jun 5, 2026

VirusTotal

Not checked

WHOIS

registrar: NameSilo, LLC
raw:
Creation Date: 2022-01-16T14:26:25.0Z
DNSSEC: unsigned
Domain Name: RAKUTENAJP.XYZ
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: inactive https://icann.org/epp#inactive
Domain Status: pendingDelete https://icann.org/epp#pendingDelete
Domain Status: serverHold https://icann.org/epp#serverHold
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Registrant Country: US
Registrant Email: f651612a2f356ad3s@
Registrant Organization: 566bb814321610e4
Registrant State/Province: e1c7c1911395a3cf
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.4805240066
Registrar IANA ID: 1479
Registrar URL: https://www.namesilo.com
Registrar WHOIS Server: whois.namesilo.com
Registrar: NameSilo, LLC
Registry Domain ID: D270000977-CNIC
Registry Expiry Date: 2023-01-16T23:59:59.0Z
Updated Date: 2023-03-22T13:42:41.0Z


IOC Journey

medium
First detected 4 years ago · Last seen 10 days ago
Appeared in 6 threat reports