IOC Radar
Domain · Medium · Signal 70/100

zutigrafika.pl

Location: Poland
First Seen: Mar 12, 2026 (91d ago)
Last Seen: Jun 2, 2026 (10d ago)
Reports: 7 source reports
Confidence: 70% (medium)
VirusTotal: 18/91 detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 70%
Signal Score: 70 / 100
IDS Rule: No

MITRE ATT&CK TTPs

7 techniques

Feed Intelligence Summary

Category tags
brute force, compromised infrastructure, credential harvesting, credential stuffing, europe, identity & access exploitation, indicator, malicious domain dissemination, malware, malware hosting, network, phish, phishing, phishing attack, poland, polcert, researched, social engineering, t1105, t1566, t1566.001, t1566.002, t1566.003, t1588, t1588.002

Activity Timeline

1 total obs · Jun 2

Threat Activity Heatmap

Peak: 2026-06-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

The domain `zutigrafika.pl` represents a significant threat, evidenced by its high score of 70.37 and its consistent inclusion in multiple reputable threat intelligence feeds, including the Phishing Army Extended Domain List and CERT.PL's list of malicious domains. This Indicator of Compromise (IOC) strongly points towards phishing activities and the potential for ingress of malicious tools into the network. Interaction with this domain could lead to severe consequences for the organization, suc…

Threat Score: High Risk

VirusTotal

18/91 vendors flagged
20% detection rate · Jun 3, 2026

WHOIS

registrar: Aftermarket.pl Limited
creation date: 2025-08-25T10:42:16
expiration date: 2026-08-25T10:42:16
updated date: 2026-03-14T16:48:08
name servers: macy.ns.cloudflare.com, rommy.ns.cloudflare.com


IOC Journey

medium
First detected 3 months ago · Last seen 10 days ago
Appeared in 7 threat reports