ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 85.209.163.250:3000.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1824445
IOC: 85.209.163.250:3000
IOC Type :ip:port
Threat Type :payload_delivery
Malware: Unknown Stealer
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS141968 IDNIC-IKADA-AS-ID
Country:- ID
First seen:2026-06-08 03:34:33 UTC
Last seen:never
UUID:0de95f08-62b0-11f1-a345-42010aa4000a
Reporter Anonymous
Reward 5 credits from ThreatFox
Tags:chrome-extension roblox session-hijacking
Reference: https://www.youtube.com/watch?v=GbYuFCUh_hs

Avatar
Anonymous
C2 server for "Starpets Money Glitcher" Chrome extension malware.
Steals Roblox .ROBLOSECURITY authentication tokens from children.
Endpoint: /refresh (continuous polling/heartbeat)
Location: PT. INDUSTRI KREATIF DIGITAL, Jakarta, Indonesia
Hosting abuse: @abuseradar.com