OSINT Volley 2026-02-02 - Unknown Stealer/Unknown malware/ClearFake
Automated OSINT sweep from ThreatFox. Top malware: Unknown Stealer(97), Unknown malware(56), ClearFake(15), AsyncRAT(9), Stealc(9). Source: abuse.ch ThreatFox API. SSL enriched: 15 IPs with HTTPS, 4 self-signed (C2 candidates). Pattern 54: sweep→volley automation.