Domain · Medium · Signal 100/100
www.antispyware.com
Location
First Seen: Dec 12, 2023 (925d ago)
Last Seen: Jun 13, 2026 (11d ago)
Reports: 7 source reports
Confidence: 99% (medium)
VirusTotal: 10/91 detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
Source reports: 7
Confidence score: 99%
Category tags
Activity Timeline: Jun 13 to Jun 13
Threat Activity Heatmap · Peak: 2026-06-13
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
The domain **www.antispyware.com**, originating from Germany, has emerged as a significant indicator of compromise (IOC) in recent threat intelligence reports. First observed on December
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 7
First seen: Dec 12, 2023
Last seen: Jun 13, 2026
WHOIS
- registrar: GoDaddy.com, LLC
- raw:
  Creation Date: 2001-09-01T11:05:02Z
  DNSSEC: unsigned
  Domain Name: ANTISPYWARE.COM
  Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
  Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  Name Server: NS1.AFTERNIC.COM
  Name Server: NS2.AFTERNIC.COM
  Name Server: VERIFICATION-REFK9AU2SWSYATLN4ZPWAB.NS101.VERIFY.HN
  Registrar Abuse Contact Email: [email protected]
  Registrar Abuse Contact Phone: 480-624-2505
  Registrar IANA ID: 146
  Registrar URL: http://www.godaddy.com
  Registrar WHOIS Server: whois.godaddy.com
  Registrar: GoDaddy.com, LLC
  Registry Domain ID: 76742977_DOMAIN_COM-VRSN
  Registry Expiry Date: 2026-11-16T04:59:59Z
  Updated Date: 2025-03-14T20:22:06Z
IOC Journey
medium · First detected 2 years ago · Last seen 11 days ago
Appeared in 7 threat reports