DomainMediumSignal 79/100

`pixelscast.com`

Location

British Indian Ocean Territory

First Seen

Dec 21, 2024

Last Seen

Mar 31, 2026

Dec 21

First Seen

540d ago

Mar 31

Last Seen

75d ago

Reports

source reports

79%

Confidence

medium

Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

79%

Signal Score

79 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

74 techniques

Feed Intelligence Summary

8 reports79% confidence

Source reports

79%

Confidence score

Category tags

account discoveryaccount profilingaccount takeoveractive scanad fraudad fraud campaignsamazonandroid tvaospaptasiabackdoorbadboxbadbox 2.0badbox malwarebelarusbotnetbotnet activitybotnet operationsbrazilbritish indian ocean territorybrute forcebrute force attackc2censyschinaclick-based attackcommand & controlcommand and controlcommunication technologiescompromised iot devicesconnected devicesconsumer devicesconsumer electronicscredential accesscredential harvestingcredential stuffingcredential stuffing attackscredential theftctvczechiadata exfiltrationdata store exposureddosdevice managementdistributed attacksencryptioneuropeeurope/asiaexploitation activityfinancefirmware exploitfirstfrancefraudgermanyidentity & access exploitationindiaindicatorindustrial iotinformation technologyinjection activityinternet of thingsiot analyticsiot applicationsiot botnetiot platformsiot securityit infrastructurekazakhstanlemon grouplongtvmalicious linksmalicious softwaremalwaremediamobilemobile carriersmobile device hijackingmobile devicesmobile networksmobile securitymobile threatmoyu groupnetherlandsnetworkpassword attacksphishingphishing attackprocess injectionproxyremote accessremote code executionresearchedresidential ipsresidential proxyresidential proxy usagerussiarussian federationsalestracker groupsatorisaudi arabiascams & fraudsdk spoofingsingaporesmart devicessocial engineeringsockssoftware developmentssh host keyssl/tls certificatesupply chainsupply chain attackt1001t1021t1021.001t1021.002t1027t1047t1053t1053.005t1055t1059t1059.001t1059.004t1064t1068t1071t1071.001t1071.004t1078t1078.004t1090t1090.001t1095t1102t1104t1105t1106t1110t1110.001t1110.002t1110.003t1110.004t1114t1114.001t1133t1189t1190t1199t1204t1204.001t1204.002t1486t1490t1496t1497t1497.003t1499t1499.002t1499.003t1499.004t1542.003t1547t1547.001t1547.003t1555t1558t1558.003t1565t1566t1566.001t1566.002t1566.003t1567t1567.001t1571t1573t1586t1588t1588.006t1592.002t1601t1608t1608.001t1608.004t1608.005telecom servicestelecommunicationsthreat actortor nodetriadaukraineuser executionyndx smart

Activity Timeline

1 total obs

Mar 31Mar 31

Threat Activity Heatmap

· Peak: 2026-03-31

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

The domain `pixelscast.com` represents a significant and active threat, evidenced by its high risk score of 79.11 and widespread inclusion across multiple reputable threat intelligence feeds. This Indicator of Compromise (IOC) is strongly linked to sophisticated malware families, notably the BADBOX botnet, which is known for targeting consumer devices for various fraud schemes and data exfiltration. If left unaddressed, communication with this domain could lead to severe organizational impact, i…

Threat ScoreHigh Risk

SIGNAL

Signal Score

79%

Confidence

Reports

First seenDec 21, 2024

Last seenMar 31, 2026

VirusTotal

Not checked

WHOIS

description: Learn more about HUMAN, the artificial intelligence company designed to prevent bot attacks and fraud on ad tech platforms and digital publishers, from exploiting customers' valuable online accounts and other online services, and from partners.
raw: Administrative city: Tempe Administrative country: United States Administrative state: Arizona Create date: 2024-01-17 00:00:00 Domain name: pixelscast.com Domain registrar id: 146 Domain registrar url: https://www.godaddy.com Expiry date: 2027-01-17 00:00:00 Name server 1: ns21.domaincontrol.com Name server 2: ns22.domaincontrol.com Query time: 2024-01-18 12:47:26 Registrant city: a7319ae5e6c95df5 Registrant company: b46a98a26fe2fd9f Registrant country: United States Registrant email: c5697f0cba028816s@ Registrant name: 80315b2e6ac1a801 Registrant phone: b03d5abc696b79f6 Registrant state: 30bdd2917a604c83 Registrant zip: 052e5bd148f904f9 Technical city: Tempe Technical country: United States Technical state: Arizona Update date: 2024-01-17 00:00:00
references: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-disruption-badbox-2-0, https://www.humansecurity.com/wp-content/uploads/2025/03/BADBOX-2-H5-Domain-List.csv, https://censys.com/unpacking-the-badbox-botnet/, https://www.humansecurity.com/learn/blog/satori-threat-intelligence-disruption-badbox-2-0/, https://www.bitsight.com/blog/badbox-botnet-back, https://threatfox.abuse.ch/export/csv/recent/, https://humansecurity.com/learn/blog/satori-threat-intelligence-disruption-badbox-2-0/

`pixelscast.com`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy