mypdns / matrix

My Privacy DNS #Matrix lists for blacklisting
https://mypdns.org/

87.228.9.175 #681

Closed g0d33p3rsec closed 1 month ago

g0d33p3rsec commented 1 month ago

Comments

This IP address and its associated domains are being used to distribute Lumma Stealer.

See also: https://github.com/mitchellkrogza/phishing/pull/450

Wildcard domain records

32.175.9.228.87|malicious

Sub-Domain records

No response

Hosts (RFC:953) specific records, not used by DNS RPZ firewalls

No response

SafeSearch records

No response

Screenshots

Screenshot

Links to external sources


logs from uBlock Origin

N/A