Known malicious kithighphishing
Wildcard-DNS Port-3443 Cohort — chunk-vendors
family: wildcard-port3443-aa15
4-host wildcard-DNS abuse sister of nested-subdomain-9003, serving on non-standard port 3443: tyyx.dakowe.1bdbr3.com:3443, tyyx.ooios.mgqlfa.com:3443.
Fingerprint anchors
Provenance
Added by: analyst
Added: 2026-05-26 19:23
4 hosts on port 3443.
Sightings (8)
| Host | Scan | Script | Match | When |
|---|---|---|---|---|
| hllj.okj2nc.mqgu23k.com:3443 | d06e54f5… | https://hllj.okj2nc.mqgu23k.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-06-09 15:13 |
| xlksd.xoce.5chve.com:3443 | 6cef9bdc… | https://xlksd.xoce.5chve.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-05-24 12:39 |
| xlksd.xoce.5chve.com:3443 | 7447c1e1… | https://xlksd.xoce.5chve.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-05-24 12:09 |
| tyyx.ooios.mgqlfa.com:3443 | c7415cac… | https://tyyx.ooios.mgqlfa.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-05-24 05:25 |
| tyyx.ooios.mgqlfa.com:3443 | 7b0edb3b… | https://tyyx.ooios.mgqlfa.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-05-24 04:47 |
| tyyx.dakowe.1bdbr3.com:3443 | 9eb062af… | https://tyyx.dakowe.1bdbr3.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-05-24 02:56 |
| tyyx.dakowe.1bdbr3.com:3443 | af95d91a… | https://tyyx.dakowe.1bdbr3.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-05-24 02:11 |
| tyyxwoei.28x.e2qr3hvr.com:3443 | 5137372b… | https://tyyxwoei.28x.e2qr3hvr.com:3443/tianyu/static/js/chunk-vendors.ae0cfe4d.js | byte | 2026-05-24 00:16 |