IOC Radar
Domain · Medium · Signal 64/100

ww99.myhotzpic.com

Location
Ireland
First Seen
Jul 9, 2025
Last Seen
Mar 14, 2026
Reports: 4 source reports
Confidence: 64% (medium)
Found in 4 reports. Confidence scores are heuristic; verify before acting on results.
Indicator type: Domain Name (malicious domain used for C2, phishing, or malware distribution)
MISP category: Network Activity
Confidence: 64%
Signal score: 64 / 100
IDS rule: No
Threat Context

Tags: see Category tags under Feed Intelligence Summary.
MITRE ATT&CK TTPs: 103 techniques (the technique IDs aggregated from the source reports are listed with the category tags).

Feed Intelligence Summary

Source reports: 4
Confidence score: 64%

Category tags
The source reports' tags are exported here as one run of text without separators, so individual tags cannot be reliably recovered. The items that are recoverable:

Malware and tooling named: Win32/Tofsee (Tofsee botnet), Emotet, Qakbot/QBot, Ursnif, Gh0st, PCRat, njRAT, Azorult, Agent Tesla, Arkei stealer, Bandit stealer, Bayrob, Cobalt Strike, Djvu, Expiro, FluBot, Gravity RAT, Mydoom, Neshta, Nivdort, Upatre, Sakula RAT, XorDDoS, Ragnar Locker, RansomEXX, Maze, AlphaCrypt, Pegasus, TrojanClicker, TrojanDropper, Unruy, Virtool, and the MPRESS and UPX packers.

Behaviour and campaign tags: command and control / CnC beacon and CnC traffic, phishing (attachment and link variants, spearphishing attachment), malvertising and ad fraud (pay-per-click fraud), adult-content lures and illicit content hosting, compromised websites, credential harvesting and credential theft, keylogger, ransomware, downloader / malware dropper, ingress tool transfer, DLL injection and DLL sideloading, process injection, fileless malware, anti-VM / anti-sandbox, dynamic code loading, run keys, named pipe, data exfiltration, hostname enumeration, network scanning, passive DNS, reverse DNS, WHOIS, SSL certificate.

Sources and tooling referenced: AlienVault Open Threat Exchange pulses, Hybrid Analysis / Falcon Sandbox, Google Safe Browsing, YARA detections and rules, ET (Emerging Threats) trojan signatures, IDS detections, FBI flash, OSINT.

Geography tags: Ireland, United States, Britain, Germany, France, Netherlands, Poland, Sweden, Russia, Ukraine, China, India, Brazil, Uruguay, Australia, Canada.

MITRE ATT&CK technique IDs (103, matching the count under Threat Context): T1003, T1005, T1021, T1021.001, T1027, T1030, T1035, T1036, T1040, T1041, T1043, T1045, T1051, T1053, T1055, T1056, T1057, T1059, T1059.001, T1060, T1063, T1064, T1065, T1068, T1069, T1069.001, T1070, T1071, T1071.001, T1078, T1080, T1082, T1083, T1085, T1096, T1105, T1106, T1110, T1112, T1113, T1114, T1119, T1123, T1125, T1129, T1133, T1140, T1143, T1155, T1176, T1179, T1189, T1190, T1197, T1199, T1203, T1204, T1204.001, T1204.002, T1210, T1213, T1480, T1486, T1490, T1495, T1496, T1499.002, T1499.003, T1506, T1518, T1546, T1547.001, T1553, T1562, T1564, T1565, T1566, T1566.001, T1566.002, T1566.003, T1566.004, T1568, T1569.002, T1574, T1583, T1584, T1584.004, T1586, T1587, T1587.001, T1588, T1588.006, T1589, T1589.001, T1590.001, T1591, T1591.002, T1593, T1595, T1598, T1608, T1608.001, T1609. Several of these (for example T1043, T1060, T1063, T1064, T1085, T1096, T1143) are retired or revoked IDs from older ATT&CK versions and were carried over from the source reports unchanged.

The remaining tags (personal names, legal, doxing and adult-content topics, and truncated interface strings such as "exclude sugges" and "extr data") are carried over from the aggregated source reports and from the export itself; do not read them as attributes of this domain without checking the individual reports.

Activity Timeline

1 observation in total (2026-03-14)

Threat Activity Heatmap

Day-of-week by week grid covering Jun 2025 to Jun 2026: only 2026-03-14 is marked. Peak: 2026-03-14.
Recent activity windows: 24h 0 (Dormant) · 7d 0 (Dormant) · 30d 0 (Dormant) · 3mo 0 (Dormant)
Threat Score: Medium Risk (64)

VirusTotal: not checked

WHOIS

Registrar: NameCheap, Inc.
Description (free-text field from the source record, not part of the registry data): Win32/Tofsee.AX google.com connectivity check. Can't access all malware files. Yandex has long been a malvertising Hub for US and other non-Russian threat actors.

Raw record (for the registrable domain MYHOTZPIC.COM; the indicator on this page is the host ww99.myhotzpic.com beneath it; both name servers are under parklogic.com, a domain-parking provider):

Domain Name: MYHOTZPIC.COM
Registry Domain ID: 2027900709_DOMAIN_COM-VRSN
Registrar: NameCheap, Inc.
Registrar IANA ID: 1068
Registrar URL: http://www.namecheap.com
Registrar WHOIS Server: whois.namecheap.com
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.6613102107
Creation Date: 2016-05-13T10:45:30Z
Updated Date: 2025-04-18T10:46:35Z
Registry Expiry Date: 2026-05-13T10:45:30Z
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.FP261.PARKLOGIC.COM
Name Server: NS2.FP261.PARKLOGIC.COM
DNSSEC: unsigned
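The WHOIS record above was flattened onto one line by the export, and the page's activity windows (24h/7d/30d/3mo) are recomputed from a single observation. The following script, added here as an example and not part of IOC Radar, re-parses that flattened record, flags the parking name servers, recomputes the registration age and time to expiry, and recomputes the dormancy windows from the observation timestamps. It assumes a snapshot date of 2026-06-27 (the date implied by the page's "105d ago" last-seen), midnight UTC for the single 2026-03-14 observation, and a one-entry list of parking-provider suffixes; the abuse e-mail field is omitted from the copied record. Note that the record covers the apex domain, not the ww99 host, and that its expiry date precedes the assumed snapshot date, so the WHOIS shown may be stale.

```python
"""Triage checks for the domain IOC on this page (added example, not IOC Radar code)."""
import re
from datetime import datetime, timedelta, timezone

# Copy of the flattened WHOIS record shown on this page (abuse e-mail omitted).
RAW_WHOIS = (
    "Creation Date: 2016-05-13T10:45:30Z DNSSEC: unsigned Domain Name: MYHOTZPIC.COM "
    "Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited "
    "Name Server: NS1.FP261.PARKLOGIC.COM Name Server: NS2.FP261.PARKLOGIC.COM "
    "Registrar Abuse Contact Phone: +1.6613102107 Registrar IANA ID: 1068 "
    "Registrar URL: http://www.namecheap.com Registrar WHOIS Server: whois.namecheap.com "
    "Registrar: NameCheap, Inc. Registry Domain ID: 2027900709_DOMAIN_COM-VRSN "
    "Registry Expiry Date: 2026-05-13T10:45:30Z Updated Date: 2025-04-18T10:46:35Z"
)

# Keys that can start a field; 'Registrar' is last so the longer 'Registrar ...' keys win.
WHOIS_KEYS = [
    "Creation Date", "DNSSEC", "Domain Name", "Domain Status", "Name Server",
    "Registrar Abuse Contact Email", "Registrar Abuse Contact Phone", "Registrar IANA ID",
    "Registrar URL", "Registrar WHOIS Server", "Registry Domain ID", "Registry Expiry Date",
    "Updated Date", "Registrar",
]
_KEY_RE = re.compile(r"(" + "|".join(re.escape(k) for k in WHOIS_KEYS) + r"): ")

# Name-server suffixes treated as parking providers (assumption; extend for your environment).
PARKING_NS_SUFFIXES = ("parklogic.com",)

# The trailing windows the page reports; a zero count is what it labels 'Dormant'.
WINDOWS = {"24h": timedelta(days=1), "7d": timedelta(days=7),
           "30d": timedelta(days=30), "3mo": timedelta(days=90)}


def parse_flat_whois(text):
    """Split a one-line 'Key: Value Key: Value ...' record into {key: [values]}.
    Repeated keys (Name Server, Domain Status) are collected in order."""
    marks = list(_KEY_RE.finditer(text))
    record = {}
    for i, m in enumerate(marks):
        end = marks[i + 1].start() if i + 1 < len(marks) else len(text)
        record.setdefault(m.group(1), []).append(text[m.end():end].strip())
    return record


def parse_ts(value):
    """WHOIS/ISO 'YYYY-MM-DDTHH:MM:SSZ' to an aware UTC datetime."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parking_nameservers(record):
    return [ns for ns in record.get("Name Server", [])
            if ns.lower().endswith(PARKING_NS_SUFFIXES)]


def activity_windows(observations, as_of):
    """Observation count per trailing window, with the page's Dormant/Active label."""
    out = {}
    for name, span in WINDOWS.items():
        n = sum(1 for t in observations if as_of - span <= t <= as_of)
        out[name] = (n, "Dormant" if n == 0 else "Active")
    return out


def triage(raw_whois, observations, as_of):
    rec = parse_flat_whois(raw_whois)
    age_days = (as_of - parse_ts(rec["Creation Date"][0])).days
    to_expiry = (parse_ts(rec["Registry Expiry Date"][0]) - as_of).days
    parked = parking_nameservers(rec)
    flags = []
    if parked:
        flags.append("parked-nameservers")       # resolves via a parking provider, not a bespoke host
    if age_days > 5 * 365:
        flags.append("long-lived-registration")  # not a freshly registered throwaway domain
    if rec.get("DNSSEC", [""])[0].lower() == "unsigned":
        flags.append("dnssec-unsigned")
    if to_expiry < 0:
        flags.append("expiry-passed")            # WHOIS snapshot may be stale; re-query before acting
    return {
        "apex_domain": rec["Domain Name"][0].lower(),  # WHOIS covers the apex, not the ww99 host
        "registrar": rec["Registrar"][0],
        "nameservers": rec.get("Name Server", []),
        "parked_nameservers": parked,
        "registration_age_days": age_days,
        "days_to_expiry": to_expiry,
        "windows": activity_windows(observations, as_of),
        "flags": flags,
    }


AS_OF = datetime(2026, 6, 27, tzinfo=timezone.utc)   # assumed snapshot date
OBSERVATIONS = [parse_ts("2026-03-14T00:00:00Z")]     # the page's single observation, time assumed

if __name__ == "__main__":
    for key, value in triage(RAW_WHOIS, OBSERVATIONS, AS_OF).items():
        print(f"{key}: {value}")
```

For the record on this page, the script reports all four windows dormant, a registration roughly ten years old, both name servers at the parking provider, and an expiry date already in the past relative to the snapshot date; the last point means a fresh WHOIS query is needed before any takedown or blocking decision that depends on registrant or status data.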

Export & API: STIX 2.1 bundle, CSV export, permalink
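The STIX 2.1 export above packages this indicator for sharing; what a consumer then needs is the pattern and a way to evaluate it against logs. The script below, added here as an example and not IOC Radar's exporter, builds a STIX 2.1 Indicator object for the domain using only the Python standard library and matches its pattern against DNS query logs. Assumptions: fresh uuid4 object ids, "malicious-activity" as the indicator type, the page's first-seen, last-seen, confidence and report count as the object's fields, and a constructed DNS log in a "<ts> <client> <query> <qtype>" layout that is not a real log format.

```python
"""STIX 2.1 indicator for the domain on this page, plus a DNS-log matcher (added example)."""
import json
import re
import uuid
from datetime import datetime, timezone

STIX_TS = "%Y-%m-%dT%H:%M:%S.000Z"   # STIX 2.1 timestamps: UTC, millisecond precision, 'Z' suffix


def stix_time(iso_date):
    """Render a YYYY-MM-DD date as a STIX 2.1 timestamp (midnight UTC)."""
    return datetime.strptime(iso_date, "%Y-%m-%d").replace(tzinfo=timezone.utc).strftime(STIX_TS)


def domain_indicator(domain, first_seen, last_seen, confidence, source_reports):
    """Indicator SDO whose pattern is a single comparison on domain-name:value."""
    return {
        "type": "indicator",
        "spec_version": "2.1",
        "id": f"indicator--{uuid.uuid4()}",
        "created": stix_time(first_seen),
        "modified": stix_time(last_seen),
        "name": f"Malicious domain {domain}",
        "description": f"Reported by {source_reports} source reports; confidence score is heuristic.",
        "indicator_types": ["malicious-activity"],      # assumed type
        "pattern": f"[domain-name:value = '{domain}']",
        "pattern_type": "stix",
        "valid_from": stix_time(first_seen),
        "confidence": confidence,                        # STIX confidence is 0-100, as on the page
    }


def stix_bundle(*objects):
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": list(objects)}


_DOMAIN_PATTERN = re.compile(r"^\[domain-name:value\s*=\s*'([^']+)'\]$")


def pattern_domain(indicator):
    """Literal from the one pattern shape this example emits; anything else is rejected."""
    m = _DOMAIN_PATTERN.match(indicator["pattern"])
    if m is None:
        raise ValueError(f"unsupported pattern: {indicator['pattern']}")
    return m.group(1).lower()


# Constructed DNS query log: "<ts> <client> <query> <qtype>" (not a real log format).
SAMPLE_DNS_LOG = """\
2026-03-14T09:12:01Z 10.0.4.17 ww99.myhotzpic.com A
2026-03-14T09:12:02Z 10.0.4.17 cdn.example.net A
2026-03-14T09:13:10Z 10.0.9.2 WW99.MYHOTZPIC.COM. AAAA
2026-03-14T09:14:00Z 10.0.9.2 www.myhotzpic.com A
2026-03-14T09:15:30Z 10.0.9.2 ww99.myhotzpic.com.evil.example A
"""


def match_dns_log(indicator, log_text, include_subdomains=False):
    """(ts, client, query) for queries equal to the indicator's domain.

    STIX '=' is an exact comparison: www.myhotzpic.com does not match an indicator for
    ww99.myhotzpic.com. include_subdomains=True also accepts labels beneath the indicator's
    domain, using a '.'-anchored suffix test so that ww99.myhotzpic.com.evil.example (a
    naive substring hit) is still rejected.
    """
    target = pattern_domain(indicator)
    hits = []
    for line in log_text.splitlines():
        ts, client, query, _qtype = line.split()
        q = query.lower().rstrip(".")   # resolver logs may upper-case or append the root dot
        if q == target or (include_subdomains and q.endswith("." + target)):
            hits.append((ts, client, q))
    return hits


if __name__ == "__main__":
    ind = domain_indicator("ww99.myhotzpic.com", "2025-07-09", "2026-03-14", 64, 4)
    print(json.dumps(stix_bundle(ind), indent=2))
    for hit in match_dns_log(ind, SAMPLE_DNS_LOG):
        print("hit:", hit)
```

Against the constructed log the exact pattern matches two queries (the lower-case one and the upper-case one with a trailing dot) and ignores the sibling host www.myhotzpic.com; an indicator for the apex myhotzpic.com matched with include_subdomains=True picks up both hosts, which is the choice to make deliberately when the WHOIS shows the whole apex is parked rather than one host being compromised.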

IOC Journey

Confidence: medium · First detected Jul 9, 2025 · Last seen Mar 14, 2026 · Appeared in 4 threat reports