Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add additional malicious subdomains of pages.dev to domain list #442

Conversation

g0d33p3rsec
Copy link
Contributor

Phishing Domain/URL/IP(s):

84918e83348-reviewpage.pages.dev
84913240098-reviewpage.pages.dev
24715454098-reviewpages.pages.dev
738592845-review-pages.pages.dev
83910840-reviewpages.pages.dev
admin-ery.pages.dev
adobe-jkwefnewkjnfkjewnfkejwnfkjew.pages.dev
api-webchainfix.pages.dev
app-dappfix.pages.dev
decentralizationserver.pages.dev
defi-encrypt.pages.dev
diamondschoolss.pages.dev
g98765xfghjk654wrt.pages.dev
harambe-claim.pages.dev
multichaindexauth.pages.dev
multichainsolutionsfix.pages.dev
myid-cubu75674.pages.dev
onedrive-19e.pages.dev
page-time0t1frr13.pages.dev
page-time65463fdhsr.pages.dev
page-timehfy63535.pages.dev
page-timereyrgebrg.pages.dev
resdgsbvcfghgt67uhj89ikjnhgvcxcfghttyu3wsgzfc3bhytfcvvcfhz.pages.dev
steam-trader-tool.pages.dev
syncfulldap.pages.dev
update345.pages.dev
ww-wellsfargo.pages.dev

Impersonated domain

https://harambetoken.ai/
https://www.wellsfargo.com/
https://login.live.com
https://www.docusign.com/
https://www.navyfederal.org/
https://walletconnect.com/
https://business.facebook.com
https://www.pinterest.com/
https://www.amazon.com/
https://www.bing.com/

Describe the issue

Adding additional recently active malicious subdomains of pages.dev (#431).

Related external source

https://urlscan.io/result/9e52e82d-c324-4468-afe4-3790f93b2967/
https://urlscan.io/result/6a13f579-b7ba-4f56-b762-676359c84fea/
https://www.virustotal.com/gui/url/fda6b313eac6fa58ec064accf2f428a41b48259e27c09191e656afe197ad4915
https://urlscan.io/result/83ea0cdd-bb53-4349-ae2d-0db918605d7c/
https://www.virustotal.com/gui/url/7cdb0aa7b26bec35f94178982f79e04272e58e23e3ce05b829c675ce3689bfe4
https://urlscan.io/result/45a67c49-5ec9-474f-9806-3c0c9a0062a9/
https://www.virustotal.com/gui/url/8e3d6310afd0d21548d66b2e83b1d6225d57b2edad9781c61afa934e45988eca
https://urlscan.io/result/237f9116-c645-42e5-8b02-0430b47e3efc/
https://www.virustotal.com/gui/url/8e620774c6952cac83d9b81655088f7078c22bab75a88b932f4dd2a0c7979ff4
https://urlscan.io/result/90945e9c-35f7-4a40-912f-e39feae0a2ba/
https://www.virustotal.com/gui/url/3f061345e63b46a4d1207b35b5790a56088ebf718e333cc949a6cc824b1aa0a4
https://urlscan.io/result/dd437647-63a3-4417-8a37-1bc80b181f76/
https://www.virustotal.com/gui/url/77304ced249eedfe82f2e227af1e6465fc7b06c7a56f4652edbe605ea40758ec
https://urlscan.io/result/3835eb6c-0e18-44ae-b181-6cfa2058cae3/
https://www.virustotal.com/gui/url/326066aa9960401efbe7d20df557c7e546576ac25ad4bbe4dcb78113619355e8
https://urlscan.io/result/36a03552-6ffe-4399-b852-0fc16d320ab9/
https://urlscan.io/result/299cd0dd-5855-4d96-8247-44ce3ef67e2e/
https://www.virustotal.com/gui/url/2181c5f83d23706b9223b2bb394ceee68de357b4756a02c09eed61c43e3cb944
https://urlscan.io/result/21fbc6ec-9cfc-4049-89e0-96d4a3b13bd7/
https://www.virustotal.com/gui/url/49f9e5b92158a39302f9f763fa6e6f4aa2d4f841194ebcc6fa5495fe5004b858
https://urlscan.io/result/3c7ede2d-f909-4245-b3be-5713758006c9/
https://www.virustotal.com/gui/url/58b0319ee0fb0ae79f4a55b6877d85f57b375daa3cb2b8066700d2de0d44a288
https://urlscan.io/result/e8df736d-225d-45ea-b323-649768989874/
https://www.virustotal.com/gui/url/5ebc9658f4f3c39f94b8c27cae96b9f9cbbfc9e0ee8d0c86a59542e0d36e4d48
https://urlscan.io/result/5edffa13-4846-49c1-bc4d-5e70b74b9a24/
https://www.virustotal.com/gui/url/ddeaf01d4a369fa0300d8b8ea5198b966cf7f0aec29b4e1c3120d784716b66b4
https://urlscan.io/result/2b584eb1-8f44-47e7-936d-8442b12e2178/
https://www.virustotal.com/gui/url/9ed57a6f7c955a52415076cd936e42ff4ebfc8fd1cadc5db709d319cd4692e0f
https://urlscan.io/result/61e4ad2e-89bd-4d8e-ac7c-ce8b4e173fab/
https://www.virustotal.com/gui/url/c61e2aaa5eec746e82747e5d82cad9e27ebf209e0798ed2153a8dd9affc95933
https://urlscan.io/result/c07ec522-d63c-4203-866a-f6918fb2bcf3/
https://www.virustotal.com/gui/url/e0c5a4ccebe42265a22b742b77b4ca1bd432226cfd68fdc452cfb2d9a8da3f12
https://urlscan.io/result/7c94b522-f284-4ad3-9411-c4d974b0e95f/
https://www.virustotal.com/gui/url/3783e297ad4fb43af77a1e422c43cc20399fa6fdebc097a31c0b1094f143d19a
https://urlscan.io/result/b1baa499-dbe4-4d99-a185-6704ea8b9edc/
https://www.virustotal.com/gui/url/465418d7cca9235217deffeec33629d7262b68668ad22e38ffcc75c8942cf5b5
https://urlscan.io/result/d092fe81-71eb-40b6-b5b1-d378e3940146/
https://www.virustotal.com/gui/url/1b51f305b5952ec2bf2cc103e7f04a037f8e93ab5db14ae0710d60c5940e74cd
https://urlscan.io/result/51f1da20-7c5c-4b0c-9b33-a6cab4d8b6b2/
https://www.virustotal.com/gui/url/4a583a3d24915c29c4ccdf1b0bb5588afb903423444dd43716c263af4b3b2c3d
https://urlscan.io/result/bbe0c172-e7e8-40da-9503-21bf1a61c729/
https://www.virustotal.com/gui/url/71907f83dca9b4f379f58c9042349075f40d62473f49e7fed2af68a8b9aa257f
https://urlscan.io/result/5fbe6560-c476-4756-911b-1cc02158e863/
https://urlscan.io/result/649576ac-178e-4dcc-bd36-361476eb0696/
https://www.virustotal.com/gui/url/b0b791d5741b3cee3d9cf4d873f4952ab4857420b2531a436c1145fbd85d8417
https://urlscan.io/result/0c571018-98a9-4af8-97d4-aa701c568e08/
https://www.virustotal.com/gui/url/8752165cba3af5133d349f97f4661eb17b4e2671ac8173ab1908543f924838c2
https://urlscan.io/result/7dee5822-6e5b-4ea6-b054-60c2a28ce4ac/
https://www.virustotal.com/gui/url/ea089b08151d8be8a2808b3a24c8a0141a1f39057285890e4bc4e764f4dd4dd1
https://urlscan.io/result/2193e742-d9bd-4ddc-819c-1d9b69178cb0/
https://www.virustotal.com/gui/url/7d6a08e4828868ab57fa9a7f7347726d7e7d8b6aef07036b3c35575e3b45c5a5

Screenshot

Click to expand

9e52e82d-c324-4468-afe4-3790f93b2967
6a13f579-b7ba-4f56-b762-676359c84fea-1
83ea0cdd-bb53-4349-ae2d-0db918605d7c
45a67c49-5ec9-474f-9806-3c0c9a0062a9
237f9116-c645-42e5-8b02-0430b47e3efc
image
image
3835eb6c-0e18-44ae-b181-6cfa2058cae3-1
image
299cd0dd-5855-4d96-8247-44ce3ef67e2e
image
61e4ad2e-89bd-4d8e-ac7c-ce8b4e173fab
c07ec522-d63c-4203-866a-f6918fb2bcf3
b1baa499-dbe4-4d99-a185-6704ea8b9edc
d092fe81-71eb-40b6-b5b1-d378e3940146
51f1da20-7c5c-4b0c-9b33-a6cab4d8b6b2
bbe0c172-e7e8-40da-9503-21bf1a61c729
5fbe6560-c476-4756-911b-1cc02158e863
image
7dee5822-6e5b-4ea6-b054-60c2a28ce4ac
image

spirillen added a commit to mypdns/matrix that referenced this pull request Jul 5, 2024
Fixes #607

Relate: Phishing-Database/phishing#442

----

Thanks to jetBrains for sponsoring IntelliJ (Ultimate Edition)
For non-commercial open source.
This helps My Privacy DNS to develop tools and maintain the blacklists.

Signed-off-by: Spirillen <[email protected]>
@spirillen spirillen merged commit a02a200 into Phishing-Database:main Jul 5, 2024
1 check passed
@g0d33p3rsec g0d33p3rsec deleted the add-additional-pages.dev-subdomains branch July 6, 2024 00:19
spirillen added a commit to mypdns/matrix that referenced this pull request Jul 12, 2024
Fix #607

Rel
- Phishing-Database/phishing#442
- Phishing-Database/phishing#423
- Phishing-Database/phishing#448

Credit: @g0d33p3rsec

----

Thanks to jetBrains for sponsoring IntelliJ (Ultimate Edition)
For non-commercial open source.
This helps My Privacy DNS to develop tools and maintain the blacklists.

Signed-off-by: Spirillen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants