Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

45.137.190.202 #729

Closed
g0d33p3rsec opened this issue Jul 15, 2024 · 0 comments
Closed

45.137.190.202 #729

g0d33p3rsec opened this issue Jul 15, 2024 · 0 comments
Labels
Phishing

Comments

@g0d33p3rsec
Copy link
Collaborator

Comments

This IP is hosting several active phishing pages along with multiple other staged domains that all target Steam using the same format as #728.

See also: mitchellkrogza/phishing#455

Wildcard domain records

32.202.190.137.45|phishing

Sub-Domain records

No response

Hosts (RFC:953) specific records, not used by DNS RPZ firewalls

No response

SeafeSearch records

No response

Screenshots

Screenshot

348724646-02379533-2678-482e-8e2b-6ef5a22c83b8
348724720-392e9237-27b2-4bc5-9ca9-affd60e531ec

Links to external sources

https://urlscan.io/ip/45.137.190.202
https://steam.workshopstyle.com/sharedfiles/filedetails/ak47_hyperbeast/
https://steam.workshopstyle.com/sharedfiles/filedetails/ak47_blazedemon/
https://steam.workshopsmaker.com/sharedfiles/filedetails/ak47_hyperbeast2/
http://steam.workshopusers.com/sharedfile/filedetails/ak47-GoldenHour

logs from uBlock Origin

N/A
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Phishing
Milestone
No milestone
Development

No branches or pull requests
1 participant
@g0d33p3rsec