45.141.156.248/32 #1433

Closed
g0d33p3rsec opened this issue Dec 20, 2024 · 1 comment
Labels
IP Range: Blacklisting networks by using IP addresses versus domain names
Malicious: Domains used for Malicious software
Phishing: Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passw
@g0d33p3rsec
Collaborator

Related to #1428
Following up on a previous report for hosts of the Moneybadger$ antivirus scam, reviewing the IP revealed additional domains. See also: Phishing-Database/phishing#537

Wildcard domain records

32.248.156.141.45|malicious,phishing

Sub-Domain records

No response

Hosts (RFC:953) specific records, not used by DNS RPZ firewalls

No response

SafeSearch records

No response

Screenshots


Links to external sources


logs from uBlock Origin

N/A

@g0d33p3rsec added the Malicious, Phishing and IP Range labels Dec 20, 2024
@g0d33p3rsec added this to the Phishing milestone Dec 20, 2024
@spirillen
Contributor

Love your way to work the comments. Short note with link to more in-depth info, you already have written elsewhere 🥇
