westernautomobileassembly.com #463

Closed
1 of 3 tasks
g0d33p3rsec opened this issue Apr 15, 2024 · 2 comments

g0d33p3rsec (Collaborator) commented Apr 15, 2024

Blacklist domain as

  • Wildcard: the domain should be entirely blacklisted
  • Subdomain: we should not blacklist the entire domain, only sub-domains
  • Both types, category dependent: how to blacklist depends on the category assigned per (sub-)domain

Comments

This site is now hosting the kit that was previously at littleswanaircon[.]com[.]sg, iwan2travel[.]com, applesforfred[.]com, theaerie[.]ca, nico[.]sa, and ajstelecom[.]com[.]mx

Domain records

westernautomobileassembly.com|phishing

Hosts specific records, not used by DNS RPZ firewalls

No response

Screenshots


Links to external sources

https://twitter.com/darksamson2/status/1779784028880580627
https://twitter.com/betwaycodes1/status/1779786300289167487


Logs from uBlock Origin

No response

@g0d33p3rsec (Collaborator, Author)

Took a look at the root of the domain and noticed this today.
[images]

@spirillen (Contributor)

Well you did catch the, up front... and that is good 👍
