IOC Radar
Domain · Medium · Signal 15/100

www.vpn.coloradocc.com

Location
Netherlands
First Seen
Jul 9, 2025
Last Seen
Jul 13, 2025
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
15%
Signal Score
15 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

19 techniques

Feed Intelligence Summary

Source reports: 2
Confidence score: 15%
Category tags
aaaaactive relatedad tevdagapplebodycanada unknownchromecommand and controlcommunication protocolcreation datecyber threatsdata accessdata copyingdata exfiltrationdata misusedata transferdata uploaddonedraiedynamicloaderencryptenter soudcetdientrieseuropeeurope/asiaexcludeexclude suggesexpiration dateextr dataextraction dataextri dataextri includefailedfalse informationfilesfiles domainfiles relatedfinancefinancial servicesfind sfoundryfrancegermanygoogle safeguardhostname addhostname enumerationhtmlhttp attackhttp scannerinclude reviewindicatorinformation gatheringingress tool transfermalicious linksmalicious softwaremalwaremedia centermovedmsiename serversnetherlandsnetworknetwork scanningnextnext associatedpassive dnspersonal datapresent augpresent junpresent sepprocess injectionpulse pulsespulse submitpulsespulses otxransomreconnaissancerecord valueredacted forrelated tagsreputation damageresearchedreviewrussiascript domainsscript urlssearchsecure serverserver responseserversserviceshowingslcc2smear campaignsocial media abusespainstatusstop xsuggest1005t1030t1055t1071.001t1078t1105t1190t1204.001t1486t1499.001t1499.002t1534t1565t1566t1566.001t1589t1589.001t1592t1598titletitle addedtrojan malwaretwittertypeunitedunknown nsuny inuuueurlsurls showvirtoolweb securityweb trafficwindows ntwritewrite cxport

Activity Timeline

1 total observation
Jul 13

Threat Activity Heatmap

Peak: 2025-07-13
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Intelligence Summary (AI Generated)

The domain www.vpn.coloradocc.com has emerged as a significant indicator of compromise (IOC) linked to malware activities, first observed on July

Threat Score: Low Risk
Signal Score: 15
Confidence: 15%
Reports: 2
First seen: Jul 9, 2025
Last seen: Jul 13, 2025

VirusTotal

Not checked

WHOIS

registrar
Dynadot Inc
raw
Creation Date: 2011-05-04T21:50:28Z
DNSSEC: unsigned
Domain Name: COLORADOCC.COM
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.DYNA-NS.NET
Name Server: NS2.DYNA-NS.NET
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +16502620100
Registrar IANA ID: 472
Registrar URL: http://www.dynadot.com
Registrar WHOIS Server: whois.dynadot.com
Registrar: Dynadot Inc
Registry Domain ID: 1654456335_DOMAIN_COM-VRSN
Registry Expiry Date: 2026-05-04T21:50:28Z
Updated Date: 2025-05-05T07:43:29Z

IOC Journey

medium
First detected 11 months ago · Last seen 11 months ago
Appeared in 2 threat reports