ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain free.primewinningways.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1780866
IOC: free.primewinningways.com
IOC Type :domain
Threat Type :payload_delivery
Malware: DollyWay
Confidence Level : Confidence level is elevated (70%)
Is compromised? : False
ASN:AS63949 AKAMAI-LINODE-AP
Country:- US
First seen:2026-04-04 07:08:56 UTC
Last seen:never
UUID:a48e0f90-2f98-11f1-9af6-42010aa4000a
Reporter craftknight
Reward 5 credits from ThreatFox
Tags:campaign-a casino dollyway gambling Keitaro TDS
Reference: https://www.rycerz.xyz/posts/wp-compromise-post-attack-analysis/

Avatar
craftknight
Domains from historical IPs of server04.com-2.mobi Keitaro TDS platform (65.60.9.236, AS32475). All casino/gambling affiliate redirect infrastructure. 648 urlscan.io observations on 65.60.9.236.