New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

theaerie.ca #459

Closed

1 of 3 tasks

g0d33p3rsec opened this issue Apr 2, 2024 · 1 comment

Assignees

g0d33p3rsec commented Apr 2, 2024

Blacklist domain as

Wildcard, The domain should be entirely blacklisted
Subdomain, We should not blacklist the entire domain, only sub-domains
Both types, category depended, How to Blacklist, depends on category assign per (sub-)domain

Comments

This domain is now hosting the kit that was at nico[.]sa yesterday and ajstelecom[.]com[.]mx for the two weeks prior.  An abuse ticket has been filed with the host.  The previous ticket was resolved within 24 hours, the one before that took almost two weeks.

Domain records

theaerie.ca|phishing

Hosts specific records, not used by DNS RPZ firewalls

No response

Screenshots

Screenshot

Links to external sources

https://urlscan.io/result/300295b9-fadc-421d-a3ef-19539d938b6e/
https://www.virustotal.com/gui/url/2433d4ed4922ee62349836f953829394449d69e3ad95998326ad8e993fd05145



### logs from uBlock Origin

_No response_

The text was updated successfully, but these errors were encountered:

g0d33p3rsec assigned spirillen

Author

g0d33p3rsec commented Apr 2, 2024

#458 shows the kit at yesterday's host, #450 contains samples from the host before that

spirillen closed this as completed in

a68776a

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment