DomainHighVerifiedSignal 33/100
safeamexjapansafe.top
First Seen
Dec 15, 2024
Last Seen
Apr 7, 2026
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
33%
Signal Score
33 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
5 reports33% confidence
5
Source reports
33%
Confidence score
Category tags
active scanamerican expressamexbad reputationbankingbotnetbotnet activitybrand abusebrand impersonationbrute forcecommand and controlcredential harvestingcredential phishingcredential stuffingcredit cardcredit card phishingcredit card servicesdata exfiltrationdata store exposuredgadistributed attacksexploitation activityfinancefinance and insurancefinancial sector targetingfinancial servicesfinancial services targetingfinancial technologyfraudidentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceinjection activityiocsmalicious linksmalicious softwaremalicious websitemalwarenetworknola defensepayment processingphishingphishing attackphishing domainphishing urlprocess injectionresearchedscamscams & fraudsocial engineeringt1055t1071.001t1078t1078.004t1105t1189t1195t1195.002t1204.001t1204.002t1486t1496t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1583t1583.001t1587.001t1588t1588.002t1590.001tor nodeurlswealth managementweb security
Activity Timeline
Apr 7Apr 7
Threat Activity Heatmap
· Peak: 2026-04-07LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
33
SIGNAL
Signal Score
33%
Confidence
5
Reports
First seenDec 15, 2024
Last seenApr 7, 2026
Verified IOC
VirusTotal
Not checked
WHOIS
- registrar
- HOSTINGER operations, UAB
- description
- This page stores American Express Card phishing page IOCs. Legitimate website for the brand is https://www.americanexpress.com/ NOLA defense is tracking newly observed phishing websites. Follow us on twitter https://twitter.com/noladefense
- domain rank
- -1
- raw
- Admin City: REDACTED FOR PRIVACY Admin Country: REDACTED FOR PRIVACY Admin Organization: REDACTED FOR PRIVACY Admin Postal Code: REDACTED FOR PRIVACY Admin State/Province: REDACTED FOR PRIVACY Creation Date: 2024-06-18T10:25:53Z DNSSEC: unsigned Domain Name: safeamexjapansafe.top Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: pendingDelete https://icann.org/epp#pendingDelete Domain Status: redemptionPeriod https://icann.org/epp#redemptionPeriod Name Server: ns1.dns-expired.com Name Server: ns2.dns-expired.com Registrant City: 1f8f4166599d23ee Registrant Country: US Registrant Email: f651612a2f356ad3s@ Registrant Fax Ext: 1f8f4166599d23ee Registrant Fax: 1f8f4166599d23ee Registrant Name: 1f8f4166599d23ee Registrant Organization: 1f8f4166599d23ee Registrant Phone Ext: 1f8f4166599d23ee Registrant Phone: 1f8f4166599d23ee Registrant Postal Code: 1f8f4166599d23ee Registrant State/Province: 36e414cc8874c746 Registrant Street: 1f8f4166599d23ee Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +86.37060470556 Registrar IANA ID: 1636 Registrar URL: http://www.hostinger.com Registrar WHOIS Server: hostinger.whois.com Registrar: HOSTINGER operations, UAB Registry Admin ID: REDACTED FOR PRIVACY Registry Domain ID: D20240618G10001G_25165742-top Registry Expiry Date: 2025-06-18T10:25:53Z Registry Registrant ID: REDACTED FOR PRIVACY Registry Tech ID: REDACTED FOR PRIVACY Tech City: REDACTED FOR PRIVACY Tech Country: REDACTED FOR PRIVACY Tech Organization: REDACTED FOR PRIVACY Tech Postal Code: REDACTED FOR PRIVACY Tech State/Province: REDACTED FOR PRIVACY Updated Date: 2025-08-01T00:38:35Z
- references
- https://www.virustotal.com/gui/collection/35ad160e8a14e95ccd865523eccfdb22fd9f9966750f944c129291eac570334b
- subdomains count
- 0
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
highFirst detected 1 year ago · Last seen 2 months ago
Appeared in 5 threat reports