Type/Title |
URL |
Domain |
IP Address |
Threat Actor Email(s) |
|---|---|---|---|---|
Applekit (probably) |
https://apple.com-m.us/admin/login |
com-m.us |
103.67.236.176 |
appleautha@gmail.com |
Broken AppleKit |
https://icloud.com-m.us/ |
com-m.us |
103.67.236.176 |
appleautha@gmail.com |
Broken iPanel |
https://apple.com-sign-in.xyz/ |
com-sign-in.xyz |
31.31.198.115 |
N/A |
Broken iPanel |
https://icloud.com-findmyphone.com/ |
com-findmyphone.com |
31.31.196.132 |
messi.xboxlive@gmail.com |
Alan Neilan ANeilan
ANeilan
/ stuff-i-found-on-stream-2020-05-09.md
Last active
May 9, 2020 15:12
stuff i found while on twitch last night into this morning
ANeilan
/ tech-support-scammer-kits-2020-05-08.md
Created
May 8, 2020 11:54
handful of tech support scammer kits i found overnight
URL |
IP Address |
Scammer Phone Number |
|---|---|---|
http://jamtaramicro.club/jp%20pop.zip |
72.52.229.133 |
050-5532-1336 |
http://southafrictekkitech3242.xyz/Southafrica.zip |
162.241.27.152 |
087 821 7499 |
http://southafrotechie.xyz/new%20zealand.zip |
162.241.27.152 |
04 889 0699 |
http://www.jamtaramicro.club/jp%20pop.zip |
72.52.229.133 |
050-5532-1336 |
http://www.southafrotechie.xyz/new%20zealand.zip |
162.241.27.152 |
04 889 0699 |
ANeilan
/ stuff-i-found-yesterday-2020-05-07.md
Created
May 7, 2020 16:19
stuff i found yesterday using certstream data from 2020/05/05
URL |
Domain |
IP Address |
Threat Actor Email(s) |
|---|---|---|---|
http://alerteg3husg4yagaandme.xyz/system.zip |
alerteg3husg4yagaandme.xyz |
199.188.200.52 |
N/A |
http://allmails.ga/QuotaLimit.zip |
allmails.ga |
111.90.142.141 |
`123@airs |
ANeilan
/ blogspam-links-from-blogspot-2020-05-04.md
Last active
May 4, 2020 23:30
a large chunk of blogspot blogspam scraped from a group on facebook group that was overrun with spambots
URL |
Blogger Profile URL |
Blogger Profile Name |
Link Redirect |
|---|---|---|---|
https://007-california2020.blogspot.com/ |
https://www.blogger.com/profile/08001925292236921561 |
Blogger: User Profile: shazi |
`https://www.pktechz.com/california- |
ANeilan
/ shells-on-freenoms-2020-04-29.md
Last active
April 29, 2020 17:19
bunch of webshells that i found on freenom domains. all follow the format (domain)/shell.php
URL of Shell |
IP Address |
|---|---|
hxxp://accept-71.cf/shell.php |
192.254.134.208 |
hxxp://accept-71.ga/shell.php |
192.254.134.208 |
hxxp://cojastic-71.cf/shell.php |
192.254.134.208 |
hxxp://cojastic-71.ga/shell.php |
192.254.134.208 |
hxxp://cojastic-71.gq/shell.php |
192.254.134.208 |
hxxp://cojastic-71.ml/shell.php |
192.254.134.208 |
hxxp://estate-71.ga/shell.php |
192.254.161.35 |
hxxp://estate-71.tk/shell.php |
192.254.161.35 |
ANeilan
/ whatsapp-and-other-weird-domains-2020-04-29.md
Last active
April 29, 2020 12:07
whatsapp group invites and other weirdness from bruteforced subdomains
URL |
Site Title |
IP Address |
|---|---|---|
bkp-manz.resmi1.xyz |
WhatsApp |
89.47.165.172 |
bkpgrupjoin.resmi1.xyz |
WhatsApp Group Invite |
89.47.165.172 |
bokep-virall.resmi1.xyz |
WhatsApp Group Invite |
89.47.165.172 |
bokep-virall66.resmi1.xyz |
WhatsApp Group Invite |
89.47.165.172 |
bokephits.resmi1.xyz |
WhatsApp Grup Join |
89.47.165.172 |
bokepjepang.resmi1.xyz |
WhatsApp Grup Join |
ANeilan
/ more-stuff-i-found-yesterday-2020-04-28.md
Created
April 29, 2020 11:15
more stuff i found yesterday, all of them are up as of 7:15am EST, 2020-04-29
URL |
Domain |
IP Address |
Threat Actor Email(s) |
|---|---|---|---|
http://abalancingactbook.xyz/fresh/onedriveGT.zip |
abalancingactbook.xyz |
91.234.99.221 |
ahmedwire2015@gmail.com |
http://biltomsen.ga/moearthlink.zip |
biltomsen.ga |
5.182.210.2 |
itachi900@yandex.com |
http://campuspolicy.icu/fresh/onedriveGT.zip |
campuspolicy.icu |
91.234.99.221 |
ahmedwire2015@gmail.com |
| `http://camtos.ml/moearthlink.zi |
ANeilan
/ whatsap-phishing-urls-2020-04-28.md
Created
April 28, 2020 19:27
bunch of Whatsapp Phishing urls i found from bruteforcing some subdomains of resmi91.tk
URL |
urlscan result |
|---|---|
http://gabung-wagrup.resmi91.tk |
http://urlscan.io/result/36785856-f11b-4024-b5a8-260299930ab5/ |
http://groupdewasa.resmi91.tk |
http://urlscan.io/result/f3c179f2-3caa-405f-b543-6e632429e98b/ |
http://grouphotviral.resmi91.tk |
http://urlscan.io/result/71c4b80f-1592-4538-9e96-2aeffc6b3e6b/ |
http://grubuwoeebudi01gaming.resmi91.tk |
http://urlscan.io/result/e65c220d-19a2-4527-9811-8f645dc8753d/ |
http://grupbudi01gaming.resmi91.tk |
http://urlscan.io/result/0749c1ad-5f92-4157-a1e5-5b455b187445/ |
http://joingrup11.resmi91.tk |
http://urlscan.io/result/92babd5d-a919-4be5-900c-9675ca3e2316/ |
http://joingrupsahurwoyy.resmi91.tk |
`http://urlscan.io/result/3d1a2d9b-1ba |
ANeilan
/ stuff-i-found-2020-04-28.md
Created
April 28, 2020 17:48
stuff i found from last nights certstream data during my shift
URL |
Domain |
IP Address |
Threat Actor Email(s) |
|---|---|---|---|
http://airasiaexpress.icu/jpmc/ |
airasiaexpress.icu |
178.159.36.51 |
N/A |
http://allnepaltrekking.icu/Financial/afzz.zip |
allnepaltrekking.icu * |
178.159.36.137 |
boxoffice794@gmail.com |
http://anaboliccooking.icu/document/Adobe%20PDF%20.zip |
anaboliccooking.icu |
178.159.36.53 |
alanking105@gmail.com |
ANeilan
/ stuff-i-found-2020-04-24.md
Created
April 25, 2020 02:54
stuff i found while i was on my shift at work
URL |
Domain |
IP Address |
Threat Actor Email(s) |
|---|---|---|---|
http://alkalabs.cf/1/Desktop.zip |
alkalabs.cf |
104.254.213.2 |
n/a |
http://alkalabs.cf/adobe.zip |
alkalabs.cf |
104.254.213.2 |
Robert.Heuschneider@lutz-jesco.epizy.com |
http://alkalabs.cf/jj/top.zip |