Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add subdomains discovered at glitch me #429

Merged
merged 4 commits into from
Jun 26, 2024
Merged

Add subdomains discovered at glitch me #429

merged 4 commits into from
Jun 26, 2024

Conversation

g0d33p3rsec
Copy link
Contributor

@g0d33p3rsec g0d33p3rsec commented Jun 25, 2024
edited
Loading

…main

Phishing Domain/URL/IP(s):

http://discord-fake-nitro-expiriment.glitch.me/
https://0ffice365-1drvve-oneauthmx1drive.glitch.me/
https://adobsmore.glitch.me/a/b/c/d/index.html?e=s****@v****************.com
https://faithful-cotton-blue.glitch.me/public/kiki768nhg76kh.htm
https://item-trck-uk-royal-mail.dmaqpay.com.br/royal/
https://melodious-rift-castanet.glitch.me/ffjjkfjkfr.html
https://rightful-diamond-skiff.glitch.me/public/z8m0m.htm?/NATIONWIDE.APPMOBILE/index.html
https://we3bwebma1l-r0unclcube-web3nail-nailweb-deliv3ry.glitch.me/?email=a*********.s*******@p*****.com

Impersonated domain

https://www.adobe.com/
https://www.coinbase.com/
https://discord.com/
https://www.id.me/
https://www.nationwide.co.uk/
https://www.office.com/
https://www.royalmail.com/
https://webmail.cpanel.net/

Describe the issue

While investigating the content on a suspicious image host, i.postimg.cc, I came across a number of malicious subdomains which are being hosted at glitch.me.

Related external source

https://urlscan.io/result/547fbfea-9dc0-419f-828a-01e2ccdce7bc/
https://www.virustotal.com/gui/url/07ebe6f10ffbf80f27b5112cda10254c6320703dea8aac8cfd32d80bc2238a3b
https://urlscan.io/result/b62e8401-8a3e-4c82-b903-49ae06014aea/
https://www.virustotal.com/gui/url/fd2045b883fd1cea4d33ea6a65f038eca7d9b844c3c0adc14c1d6a5fad5c3f7f
https://urlscan.io/result/1b6eaf6f-feb1-4be5-8b71-2eaecb786739/
https://www.virustotal.com/gui/url/8490d245db066a39c78b1920ee504f66c27ddabd4369c05250372b61bfb7e51f
https://urlscan.io/result/18aeb966-a059-4b0e-93e9-a16782e3fe43/
https://www.virustotal.com/gui/url/f9f98836815f2e04d4ba4054f4f3a1505ef6b0a3654cda9fd185480d060c2235
https://urlscan.io/result/24b753ec-a712-4c65-bf57-1d5ebe8350c5/
https://www.virustotal.com/gui/url/bec9d74be511f572beeb5011375523b277fc55098dc3b7f1dfb4d13380207a18
https://urlscan.io/result/cc4dc9e1-6477-4d3e-954c-5e9a5e886315/
https://www.virustotal.com/gui/url/00d68a2516ebc571352e158ce0af28b3f55964efce1b8acf5a4c0a2887584404
https://urlscan.io/result/7f81228c-c69d-4009-ad12-c2a4dcab323c/
https://www.virustotal.com/gui/url/3f41ee9ebf944c08886eed738cb24112c4633e9693a5ef34eaabf49748903aac
https://urlscan.io/result/654d60d8-0da2-4774-b1e2-188c75672d2a/
https://www.virustotal.com/gui/url/813a7d1c1e2e58388ea8972fe4f25c637f366201b622d66b70932a1974fb40db

Screenshot

Click to expand

image
b62e8401-8a3e-4c82-b903-49ae06014aea
1b6eaf6f-feb1-4be5-8b71-2eaecb786739
image
24b753ec-a712-4c65-bf57-1d5ebe8350c5
cc4dc9e1-6477-4d3e-954c-5e9a5e886315
image
image

@g0d33p3rsec g0d33p3rsec mentioned this pull request Jun 25, 2024
Closed
@spirillen spirillen merged commit 307f3e6 into Phishing-Database:main Jun 26, 2024
1 check passed
spirillen added a commit to mypdns/matrix that referenced this pull request Jun 26, 2024
@spirillen
glitch.me
f22759a 
Fix #616
Rel Phishing-Database/phishing#429

----

Thanks to jetBrains for sponsoring IntelliJ (Ultimate Edition)
For non-commercial open source.
This helps My Privacy DNS to develop tools and maintain the blacklists.

Signed-off-by: Spirillen <[email protected]>
@g0d33p3rsec g0d33p3rsec deleted the add-subdomains-discovered-at-glitch_me branch July 5, 2024 01:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@g0d33p3rsec @spirillen