Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

iwan2travel.com #461

Closed
1 of 3 tasks
g0d33p3rsec opened this issue Apr 5, 2024 · 1 comment
Closed
1 of 3 tasks

iwan2travel.com #461

g0d33p3rsec opened this issue Apr 5, 2024 · 1 comment
Assignees
@spirillen
Labels
Phishing

Comments

@g0d33p3rsec
Copy link
Collaborator

Blacklist domain as

  • Wildcard, The domain should be entirely blacklisted
  • Subdomain, We should not blacklist the entire domain, only sub-domains
  • Both types, category depended, How to Blacklist, depends on category assign per (sub-)domain

Comments

This site is now hosting the kit that was previously at applesforfred[.]com, theaerie[.]ca , nico[.]sa, and ajstelecom[.]com[.]mx.

Domain records

iwan2travel.com|phishing

Hosts specific records, not used by DNS RPZ firewalls

No response

Screenshots

Screenshot

320067257-e014e2bf-20ef-499b-b3b6-b28041e977ba
320067769-d00a8ae9-16ae-4d81-837a-cb8056518892
320068228-51b9f356-8f21-4d96-ad1e-0747a6fca9e0
320068666-24a36577-98f5-4ab2-9018-5b4bfe87c049
320072776-11edf2f3-8243-4485-97b3-88c3f64cd296
320072930-75755b80-55ed-4a7a-beda-4350619a19dd
320136243-efeed078-55b3-4f1b-89f4-5f88c67942c4
320136479-65eacfd7-715c-451a-b5f2-2a46f8a3c4c6
320136700-c6cadc7d-c192-4e76-8f71-24718f6b1894
320136986-a03069ac-b230-4c7b-bbbd-f762dca294a7
320137296-91fbfb98-c761-4157-abb7-fb25bae9c37b
320141061-4b418e88-93f0-4f13-b0b9-325819a4aba8
320141368-e0caef86-009c-4258-b3f9-1d0c58e2d4c1

Links to external sources

https://urlscan.io/result/5fac7988-c559-4b51-bca3-c00ecfa5c843/
https://radar.cloudflare.com/scan/482cdb8e-6aea-492d-a2af-d4b41c39c722/
https://radar.cloudflare.com/scan/c0f533bd-0a95-41d4-934d-ddd6a693f48f/
https://radar.cloudflare.com/scan/c2154606-6eb6-46a9-bac9-086ff70adcb1/
https://urlscan.io/result/c7fa2160-54b4-4776-b79d-e4bc799f7abc/
https://urlscan.io/result/86ff1031-bf54-4379-8d93-697c841d1230/
https://urlscan.io/result/e5b6dca7-8950-4985-a7f0-bd72be549367/
https://radar.cloudflare.com/scan/1c693b23-8b3d-4dbb-8800-4af34eca2960/
https://radar.cloudflare.com/scan/696df281-714f-4524-8f06-ef8732a0b504/
https://urlscan.io/result/f8443413-c7bc-46da-998e-fb626eb8a3c4/
https://radar.cloudflare.com/scan/9e48c4fd-3410-4a43-9ede-4b2ba18802e1/
https://radar.cloudflare.com/scan/f7569e83-01cc-4e9c-8560-b98fd8ab54fe/
https://radar.cloudflare.com/scan/180eaf85-5dc0-4a51-b380-c81e5a8a7eb3/
https://radar.cloudflare.com/scan/b690ca5b-929c-495d-a7b1-ac7cf1f5757a/
https://radar.cloudflare.com/scan/1859aa37-c48d-49a6-a774-50f277d00e24/
https://radar.cloudflare.com/scan/b50e4e9c-6fec-4580-bf82-6e603202dcc3/
https://radar.cloudflare.com/scan/61579873-e6b4-46ea-81aa-3fc75f83ca0a/


### logs from uBlock Origin

_No response_
@spirillen
Copy link
Contributor

Thanks a bunch for your contribution

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spirillen spirillen

Labels
Phishing
Milestone
No milestone
Development

No branches or pull requests
2 participants
@spirillen @g0d33p3rsec