IOC Radar
DomainMediumSignal 79/100

skinboxs.com

Location
United StatesUnited States
First Seen
Oct 11, 2023
Last Seen
Apr 20, 2026
Oct 11
First Seen
973d ago
Apr 20
Last Seen
51d ago
16
Reports
source reports
79%
Confidence
medium
18/91
VirusTotal
detections
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
79%
Signal Score
79 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Feed Intelligence Summary

16 reports79% confidence
16
Source reports
79%
Confidence score
Category tags
access controlactive scanattackbad reputationbecblacklisted urlsbotnetbotnet activitybrand impersonationbrute forcebusiness email compromisecertcommand and controlcompromised infrastructurecompromised websitecompromised websitescredential harvestingcredential phishingcredential stuffingcredential theftdata exfiltrationdata store exposuredata theftdgadiscorddistributed attacksdomaineuropeexploit kitexploit kitsexploitation activityfinancefraudgame designgame developmentgame publishinggaminggaming industrygaming industry targetgaming platformsgaming technologyidentity & access exploitationindicatorinformation technologyinfrastructure acquisitionreconnaissanceingress tool transferinjection activityit infrastructurelinklink injectionlink manipulationmalicious activitymalicious attachmentmalicious domain activitymalicious domain disseminationmalicious domainsmalicious downloadmalicious linksmalicious softwaremalicious url blacklistmalicious urlsmalwaremalware deliverymalware distributionmalware hostingmanualmobile gamingnetworknola defense trackingnorth americaphishingphishing attackphishing-databasepocket card scampolandprocess injectionransomwareresearchedrobloxscamscamsscams & fraudsecurity policysocial engineeringsoftware developmentspamspearphishingsteamsteamcommunity impersonationt1055t1059t1059.001t1059.004t1071t1071.001t1071.004t1078t1105t1189t1190t1192t1199t1204t1204.001t1204.002t1486t1496t1499.002t1499.003t1534t1539t1565t1566t1566.001t1566.002t1566.003t1566.004t1567.001t1573t1583t1583.001t1586t1586.001t1587.001t1588t1588.002t1588.006t1590.001t1598t1598.003threat actorthreat intelligence feedthreat preventiontor nodeunited statesurlvideo gamesweb securitywebsitewebsite phishing

Activity Timeline

1 total obs
Apr 20Apr 20

Threat Activity Heatmap

· Peak: 2026-04-20
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain **skinboxs.com** has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats originating from the United States. First observed on October

Threat ScoreHigh Risk
79
SIGNAL
Signal Score
79%
Confidence
16
Reports
First seenOct 11, 2023
Last seenApr 20, 2026

VirusTotal

18/ 91vendors flagged
20% detection rateJun 8, 2026

WHOIS

domain rank
-1
raw
Create date: 2024-12-15 00:00:00 Domain name: skinboxs.com Domain registrar id: 1179 Domain registrar url: http://www.networksolutions.com Expiry date: 2025-12-15 00:00:00 Name server 1: ns2.afternic.com Name server 2: ns1.afternic.com Query time: 2024-12-16 13:35:54 Update date: 2024-12-15 00:00:00
references
https://www.virustotal.com/gui/collection/348d12ddbef91e34c6260626b43cdb47bfb53dc322e1884b5794e7e5261d63f0, https://phishing.army/download/phishing_army_blocklist_extended.txt, https://malware-filter.gitlab.io/malware-filter/phishing-filter-domains.txt, https://twitter.com/V3n0mStrike/status/1775359542789832854, https://twitter.com/V3n0mStrike/status/1775567484021555391, https://twitter.com/noladefense/status/1751600400547905844, https://twitter.com/noladefense/status/1751600556299186546, https://twitter.com/noladefense/status/1751660811834040749, https://twitter.com/noladefense/status/1751660817148178613, https://twitter.com/noladefense/status/1751691000966177228, https://twitter.com/noladefense/status/1751721201066496485, https://twitter.com/noladefense/status/1751721278661075155, https://twitter.com/noladefense/status/1751736282751893579, https://twitter.com/noladefense/status/1751736303236915688, https://twitter.com/noladefense/status/1751736388234461627, https://threatintel.cybsec.fr/2023IOCs4_cybsec.txt
subdomains count
1

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 16 threat reports