ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain kiss.a-dog.top.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1816899
IOC: kiss.a-dog.top
IOC Type :domain
Threat Type :payload_delivery
Malware: RedTail
Confidence Level : Confidence level is high (90%)
Is compromised? : False
First seen:2026-05-21 11:55:13 UTC
Last seen:never
UUID:217c6cc0-54ed-11f1-b930-42010aa4000a
Reporter nullblue67
Reward 5 credits from ThreatFox
Tags:docker-exploit domain-c2 Downloader

Avatar
nullblue67
Captured 2026-05-21 in Docker API exploit body (obfuscated). Backslash-evaded URL in Python urllib2 (http://ki..ss.a-d..og.t..op/t.sh) resolves to kiss.a-dog.top/t.sh. Same Docker exploit campaign as 209.141.58.166 and 205.185.118.246. 15/91 VT detections.