IOC Radar
DomainMediumSignal 12/100

sfasf.com

Location
MexicoMexico
First Seen
Apr 23, 2025
Last Seen
Apr 25, 2025
Apr 23
First Seen
417d ago
Apr 25
Last Seen
415d ago
3
Reports
source reports
12%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
12%
Signal Score
12 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

20 techniques

Feed Intelligence Summary

3 reports12% confidence
3
Source reports
12%
Confidence score
Category tags
airline scambotnetchat supportcommand and controlcredential harvestingcredential theftcustomer servicecustomer service impersonationcustomer support scamdata exfiltrationdestination managementdistributed attacksfinancefraudfraudulent phone numberfraudulent rebookingfraudulent refund offerhospitality servicesindicatormalicious softwaremalwaremexiconetworknorth americanumber spoofingonline bookingota supportphishingphishing attackphone scamprocess injectionrapid rewardsresearchedsocial engineeringt1055t1071t1071.001t1078t1082t1189t1192t1486t1496t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1567.001t1598t1598.003t1598.004telephone fraudtelephone scamtourism marketingtourist attractionstransportation servicestravel agenciestravel bookingtravel credit abusetravel experiencetravel industrytravel scamtravel supporttravel technologyunited states

Activity Timeline

1 total obs
Apr 25Apr 25

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **sfasf.com**, originating from Mexico, has emerged as a significant indicator of compromise (IOC) in recent threat intelligence reports. First observed on April

Threat ScoreLow Risk
12
SIGNAL
Signal Score
12%
Confidence
3
Reports
First seenApr 23, 2025
Last seenApr 25, 2025

VirusTotal

Not checked

WHOIS

registrar
GoDaddy.com, LLC
description
afasffs
domain rank
-1
raw
Creation Date: 2010-12-17T05:59:23Z DNSSEC: unsigned Domain Name: SFASF.COM Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Name Server: NS1.DOMAIN-IS-4-SALE-AT-DOMAINMARKET.COM Name Server: NS2.DOMAINMARKET.COM Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: 480-624-2505 Registrar IANA ID: 146 Registrar URL: http://www.godaddy.com Registrar WHOIS Server: whois.godaddy.com Registrar: GoDaddy.com, LLC Registry Domain ID: 1630720132_DOMAIN_COM-VRSN Registry Expiry Date: 2025-12-17T05:59:23Z Updated Date: 2024-12-11T03:30:38Z
subdomains count
5

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 year ago
Appeared in 3 threat reports