ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://sandman.bond/api/index.php?a=dl&token=d0a5e3b511c293206448ac44451b87f717fbdfa0c2f97242082bd2f29748a486&src=sanfrancescos.com&mode=cloudflare.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1802356
IOC: https://sandman.bond/api/index.php?a=dl&token=d0a5e3b511c293206448ac44451b87f717fbdfa0c2f97242082bd2f29748a486&src=sanfrancescos.com&mode=cloudflare
IOC Type :url
Threat Type :payload_delivery
Malware: Vidar
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS13335 CLOUDFLARENET
Country:- US
First seen:2026-04-30 05:48:39 UTC
Last seen:2026-04-30 23:00:29 UTC
UUID:d89a3aff-4416-11f1-8759-42010aa4000a
Reporter whoamix302
Reward 5 credits from ThreatFox
Tags:Vidar