DomainMediumSignal 68/100
posteit.cfd
Location
CanadaFirst Seen
Apr 12, 2025
Last Seen
Apr 18, 2026
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
68%
Signal Score
68 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
7 reports68% confidence
7
Source reports
68%
Confidence score
Category tags
account compromiseafricaargentinaasiaaustraliabankingbanking malwarebanking trojanbotnetbotnet activitybrazilbritish indian ocean territorybrute forcecanadachinachinese threat actorscivil servicescommand and controlcommercial bankingcommunication technologiesconsumer goodscredential harvestingcredential stuffingcredential theftcredit card servicescyber threatsdata exfiltrationdata store exposuredistributed attacksecrimeecrime groupeuropeeurope/asiaexploitation activityfinancefinance and insurancefinancial institutionfinancial servicesfinancial technologyfleet managementfrancefraudfreight servicesgermanyglobal campaigngovernment technologyhosting provider: alibabahosting provider: tencentidentity & access exploitationindiaindicatorinjection activityiot securityitalyjapanmalicious softwaremalwaremaritime transportmexicomobile bankingmobile carriersmobile malwaremobile networksmobile phishingmobile threatnetworknorth americaoceaniapassenger transportationpayment processingphishingphishing attackphishing kitprocess injectionpublic administrationpublic infrastructurepublic policyrail transportransomwareregulatory agenciesresearchedretail traderussiarussian federationscams & fraudsmishing triadsmssms phishingsocial engineeringsouth africasouth americaspaint1047t1055t1071t1071.001t1078t1189t1192t1195.002t1486t1496t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1567.001t1583t1583.001t1584t1584.001t1585t1585.002t1586t1586.002t1589t1589.002t1598t1598.003t1608t1608.004telecom servicestelecommunicationsthreat actortor nodetransportation and warehousingtransportation infrastructuretransportation technologyunited kingdomunited stateswealth management
Activity Timeline
Apr 18Apr 18
Threat Activity Heatmap
· Peak: 2026-04-18LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC), `posteit.cfd`, represents a significant and active threat to organizational security, warranting immediate attention. With a high threat score of 68.16, this domain is strongly associated with phishing campaigns conducted by "Smishing Triad," a sophisticated Chinese eCrime group known for targeting over 121 countries with advanced banking phishing kits. Its presence in an organization's environment suggests potential active compromise or ongoing targeting thro…
Threat ScoreMedium Risk
68
SIGNAL
Signal Score
68%
Confidence
7
Reports
First seenApr 12, 2025
Last seenApr 18, 2026
VirusTotal
Not checked
WHOIS
- domain rank
- -1
- raw
- Create date: 2025-03-05 00:00:00 Domain name: posteit.cfd Domain registrar id: 1479 Domain registrar url: https://www.namesilo.com Expiry date: 2026-03-05 00:00:00 Name server 1: ns2.dnsowl.com Name server 2: ns1.dnsowl.com Name server 3: ns3.dnsowl.com Query time: 2025-03-06 11:09:00 Registrant company: 566bb814321610e4 Registrant country: United States Registrant email: 29e2c061f3c9524es@ Registrant state: e1c7c1911395a3cf Update date: 2025-03-05 00:00:00
- references
- https://www.silentpush.com/blog/smishing-triad
- subdomains count
- 1
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 1 month ago
Appeared in 7 threat reports