IOC Radar
Domain · High · Verified · Signal 100/100

bustyones.com

Location: Hungary
First Seen: Dec 7, 2023 (917d ago)
Last Seen: Jun 7, 2026 (4d ago)
Reports: 6 source reports
Confidence: 99% (high)
VirusTotal: 0/91 detections
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

94 techniques

Feed Intelligence Summary

Source reports: 6
Confidence score: 99%
Category tags

Activity Timeline

1 total obs (Jun 7)

Threat Activity Heatmap

Peak: 2026-06-07
24h: 0 (Dormant) · 7d: 1 (Minimal) · 30d: 1 (Minimal) · 3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain **bustyones.com** has been identified as a critical indicator of compromise (IOC) associated with multiple cyber threats originating from Hungary. First observed on December

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 6
First seen: Dec 7, 2023
Last seen: Jun 7, 2026
Verified IOC

VirusTotal

0/91 vendors flagged
0% detection rate (Jun 8, 2026)

WHOIS

registrar: EuroDNS S.A.
creation date: 2004-06-29T20:47:50
expiration date: 2026-06-29T20:47:50
updated date: 2025-06-23T07:14:15
name servers: NS-1499.AWSDNS-59.ORG, NS-1567.AWSDNS-03.CO.UK, NS-531.AWSDNS-02.NET, NS-92.AWSDNS-11.COM, SDNS3.ULTRADNS.BIZ, SDNS3.ULTRADNS.COM, SDNS3.ULTRADNS.NET, SDNS3.ULTRADNS.ORG
country: LU
org: Whois Privacy (enumDNS dba)
status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited, clientTransferProhibited https://icann.org/epp#clientTransferProhibited

IOC Journey

high
First detected 2 years ago · Last seen 4 days ago
Appeared in 6 threat reports