-
-
Notifications
You must be signed in to change notification settings - Fork 197
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move ajstelecom.com.mx to wildcard domain list #362
Move ajstelecom.com.mx to wildcard domain list #362
Conversation
remove ajstelecom[.]com[.]mx from domain list
add ajstelecom[.]com[.]mx to wildcard-domain list
It looks like I spoke too soon. Just tried another scan, at it seems the kit is still live. |
I attempted to rescan another sample of previously active URIs and all returned 404's. I'm leaving the issue open until I either get a confirmation from the host related to my ticket or the group moves to their next domain. |
Feel free to reopen anytime you have any news 😄 and good thinking about moving it to the wildcard list |
I received this confirmation today that the host is finally working the ticket. Also, the group has moved to the domain mentioned in #366. |
Well at least they did pick up the ticket at some point... Would however had expect a response time within a hour when you report phishing from my network... maybe that just me Thanks for the response. |
Domain/URL/IP(s) where you have found the Phishing:
Impersonated domain
Describe the issue
It has been a week and the only response I've received from the host is a ticket number assignment, which was on March 21, 2024. The domain is now detected by 13 engines on Virus Total and has been tagged as a "known infection source" and "phishing and fraud". At this point, I feel it is probably best to heed the advice @spirillen gave me in #353 and move this domain to the wild card list until either the host or site owner can properly respond and get the situation under control.
Related external source
Screenshot
Click to expand