Cyberbro - Analysis Results

Analysis start time: 2025-11-20 18:24:38

Analysis duration: 0 minutes, 7.17 seconds

Observable: xxocxo67@mail.ru

Type: Email

DNS Lookup, IPquery, IPinfo, AbuseIPDB, VirusTotal, Google Safe Browsing, Shodan, Phishtank, Abusix, RDAP, ThreatFox, Google, Github, URLscan, Hudson Rock, MISP: Not applicable

Observable: mail.ru

Type: FQDN

DNS Lookup:

  • 89.221.239.1
  • 90.156.232.4
  • 185.180.201.1

IPquery:

  • IP: 89.221.239.1
  • Score: 0
  • Geoloc: Moscow, Moscow
  • Country: Russia
  • ASN: AS47764 LLC VK
  • Type: Not anonymous
  • Reverse DNS applied

IPinfo:

  • IP: 89.221.239.1
  • Geoloc: Moscow, Moscow
  • Country: Russian Federation
  • Hostname: mail.ru
  • ASN: AS47764 LLC VK
  • Reverse DNS applied

AbuseIPDB:

  • Reports: 0
  • Risk: 0%

VirusTotal:

  • Ratio: 0/95
  • Community: -18

Google Safe Browsing: Not applicable

Shodan:

  • Ports: 80, 443
  • Tags: EOL-PRODUCT

Phishtank: Found (invalid)

Abusix: Abuse contact: abuse@corp.mail.ru

RDAP: Not applicable

ThreatFox: Not Found

Google: Not applicable

Github: Search results:

  • ytdl-org/youtube-dl
  • yt-dlp/yt-dlp
  • twentyhq/twenty
  • limbopro/Adblock4limbo
  • calcom/cal.com

URLscan:

Scan count: 10000

Top domains:

  • top-fwz1.mail.ru (72)
  • mail.ru (12)
  • cloud.mail.ru (4)
  • my.mail.ru (4)
  • otvet.mail.ru (2)

Hudson Rock: Compromised domain details

Total: 242955

Total Stealers: 33447723

Employees: 85

Users: 242870

Total URLs: 14640

Last Employee Compromised: 2025-01-21

Last User Compromised: 2025-11-17

Applications: auth, bitbucket, confluence, cpanel, extranet, git, github, gitlab, hipchat, imap, jira, kaspersky, okta, oracle, owa, ping, rlogin, roundcube, salesforce, sap, sso, st, sts, twilio, vpn, webex, webmail, webvpn, zendesk, zoom

Stealer Families:

  • last_counted: 2025-10-28T04:42:37.052Z
  • total: 50000
  • RedLine: 25289
  • Generic Stealer: 7709
  • Lumma: 5596
  • Raccoon: 3650
  • Azorult: 3240
  • Vidar: 1960
  • UNKNOWN: 1165
  • StealC: 896
  • CRYPTBOT: 145
  • Mystic: 139
  • DarkCrystal: 60
  • Taurus: 55
  • Ficker: 42
  • Predator: 36
  • KPOT: 13
  • Atomic: 5

Employee URLs:

Client URLs:

MISP: Not applicable