phishing
phishing copied to clipboard
Published
20 hours ago •
mitchellkrogza
mitchellkrogza
add 87.228.9.175 to IP blocklists
Phishing Domain/URL/IP(s):
87.228.9.175
agenttres.cc
nebulaquestcorporation.cc
mail.clukoutlet.com
lajollaautorepairs.com
scratchedcards.com
srekmmail.scratchedcards.com
useohbaby.com
cpcontacts.yourshowproductions.com
https://agenttres.cc/
https://nebulaquestcorporation.cc/cdnusa/invoiceupsstage
http://mail.clukoutlet.com/
https://lajollaautorepairs.com/cart/VBDVMGWB.exe
https://scratchedcards.com/update/invoice_past
https://scratchedcards.com/can/IHBHXXQF.exe
https://scratchedcards.com/can/cantruck
https://scratchedcards.com/binary/scrscrscr
https://scratchedcards.com/binary/wizardWatcher.exe
https://useohbaby.com/
http://cpcontacts.yourshowproductions.com/
Impersonated domain
Describe the issue
This IP address and its associated domains are being used to distribute Lumma Stealer.
Related external source
https://urlscan.io/search/#page.ip:%2287.228.9.175%22
https://app.any.run/tasks/82700ba4-69b0-4479-8148-71ce74324606/
https://any.run/report/b67dd604d01052c74a4f37160a7595d513c47f4974ccd4a35bdaecdaa38aeb34/82700ba4-69b0-4479-8148-71ce74324606
https://any.run/report/756f2e371907a0da90e5b73f4c61060d0884e56bd20990928ce18c9604c5283e/639b23af-a076-4563-8889-b8f0895f11a3
https://tria.ge/240712-yyrq8sybrp/behavioral1
https://urlscan.io/result/e79640b4-6ca8-4bc9-b08e-b3b5955947b6/
https://www.virustotal.com/gui/file/9d9cfd342000ad5655052b050abd59afd502e4e570335c5922da03c117ec2749
https://urlscan.io/result/247adbd8-60ed-4887-96dc-c0751332892c/
https://www.virustotal.com/gui/file/ee4a9350d2f86473b8bee1aaea30d427ac97d9e83f8b5379dfa966bf6080e3ab
https://urlscan.io/result/1bcaff89-5bcd-459a-8a37-c4694551dcf7/
https://www.virustotal.com/gui/file/b67dd604d01052c74a4f37160a7595d513c47f4974ccd4a35bdaecdaa38aeb34
https://urlscan.io/result/d7d70aa7-eb5b-457d-bc1d-7225b5ca4fc8/
https://www.virustotal.com/gui/file/59d2c2ca389ab1ba1fefa4a06b14ae18a8f5b70644158d5ec4fb7a7eac4c0a08
https://urlscan.io/result/3b6ed669-431f-4663-abdb-0ecbc662c2a2/
https://www.virustotal.com/gui/file/c6ddf38097bdc8e2f9830c87e7574d48fdd2c95cf799307b1a32a1c2ceadbc70
https://urlscan.io/result/a80c0c90-4a25-422c-b580-738f1f6b01fa/
https://www.virustotal.com/gui/file/756f2e371907a0da90e5b73f4c61060d0884e56bd20990928ce18c9604c5283e
https://urlscan.io/result/3ce821f5-7811-44c2-ad5c-c3fccc73e7f1/
https://urlscan.io/result/ef983f61-edc6-4a31-99e6-6ebbeab7d9bf/
https://www.virustotal.com/gui/file/584945fbd2076bc151184065a72373f87405136be7b0131d36ded7d986b968fc
Screenshot
Click to expand
