Intel-Ops (@intel_ops_io)'s Twitter Profile
Intel-Ops

@intel_ops_io

Adversary Infrastructure Hunting & Training
Curated Threat Intelligence Feed (Coming Soon)

intel-ops.io
medium.com/@Intel_Ops

ID: 1748077076689637376

https://academy.intel-ops.io/courses/hunting-adversary-infra
18-01-2024 20:17:21

113 Tweet

2,2K Followers

4 Following

Interesting recently created (2024-05-22) domain impersonating GE HealthCare. Resolving to 46.101.212[.]131, running #CobaltStrike server. Using Hunt.io we can see: ➡️the DNS record, ➡️Hoster: DigitalOcean, ➡️Watermark: 987654321 (cracked version).
