-
-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pages.dev #607
Comments
👍 added in 5316feb |
🎁
|
This one do not Belong here 😏
|
Closes #632 Rel - #607 - Phishing-Database/phishing#441
additional phishing subdomains
external sources
ScreenshotsSee also: Phishing-Database/phishing#442 |
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
See also: Phishing-Database/phishing#448
Fixing some stale IOCs from Cisco's reporting. This morning, Cisco's Talos Intelligence Group released a report How do cryptocurrency drainer phishing scams work? which included a list of Indicators of Compromise (IOCs). Unfortunately, most of the IOCs listed are no longer active and of little tactical value. Fortunately, searching for the indicators on URLscan.io and then viewing the "similar" results yields many related active sites. Listed IOCs that are still active
Related external source
|
This is insane... they seems to do nothing like in nada, zip, zero, null to protect the domain, this makes it a risky to keep it open to my POV, would you like to reconsider the hammer? |
It is getting to that point. I hate to slam a site that offers free hosting but at this point the threat outweighs any benefit. On the other hand, they seem to police their platform better than Cloudfare. |
ok, but next time I believe this is going to be changed into a wildcard blocking, as CF are well known to hosts and protect scam/spam/phishing/malicious/POP and so on. So if you find something on |
Comments
While following up on the subdomains mentioned in Phishing-Database/phishing#422, I discovered additional malicious subdomains that were being primarily hosted at pages[.]dev along with additional related sites with the same signature.
more details are available at Phishing-Database/phishing#423
Wildcard domain records
Sub-Domain records
Hosts (RFC:953) specific records, not used by DNS RPZ firewalls
No response
SeafeSearch records
No response
Screenshots
Screenshot
Links to external sources
No response
logs from uBlock Origin
N/A
The text was updated successfully, but these errors were encountered: