Generic Email ec34bc68 | phish.report

A generic email phishing kit loading CSS from an appspot project using a hard-coded access token.

References

https://urlscan.io/result/67743b55-f830-49e6-b71e-2fc71e4b8914/

Recent Detections

hxxps://u13749939[.]ct[.]sendgrid[.]net/ls/click?upn=X67CH1U18jC...

urlscan.io
hxxps://ikpusarambaraisbaejustdeyhalasincehiskindshebangamwellan...

urlscan.io
hxxps://fleek[.]ipfs[.]io/ipfs/QmZ9EXHAxhLLeFqf7nKx4uaDJjTPqjoMs...

urlscan.io
hxxps://elpluribonyeomamalakijadkwezuonuosewouriasantesanaciapon...

urlscan.io
hxxp://elpluribonyeomamalakijadkwezuonuosewouriasantesanaciapong...

urlscan.io
hxxp://ikpusarambaraisbaejustdeyhalasincehiskindshebangamwellano...

urlscan.io
hxxps://u14511627[.]ct[.]sendgrid[.]net/ls/click?upn=oGQNUT-2FE-...

urlscan.io
hxxps://storageapi[.]fleek[.]co/68630c1b-8de9-4c37-9b02-a399843f...

urlscan.io
hxxp://2008cupqsvid2nts479gha8bpdv63id59acm3pasb0avmod0um9qgj8[....

urlscan.io
hxxp://2001tid7rdhlne5e3752npot4vbs4ri2bv2c3qt4ieu23qjirkc49s8[....

urlscan.io

IOK Rule (edit)

title: Generic Email ec34bc68
description: |
  A generic email phishing kit loading CSS from an appspot project using a hard-coded access token.
references:
  - https://urlscan.io/result/67743b55-f830-49e6-b71e-2fc71e4b8914/
detection:
  bootstrapToken:
    requests|contains: 'bootstrap.min.css?alt=media&token=ec34bc68-b721-48e5-a02a-8deed9a44325'

  condition: bootstrapToken