Is Mypressonline[.]com’s Hosting Service Being Abused? | WhoisXML API

Threat reports

Are Mypressonline[.]com’s Free Subdomain Hosting Services Being Abused?

We were alerted to the ongoing mypressonline[.]com phishing campaign1 and sought to uncover the site’s complete domain footprint and potential evidence of hosting abuse.

Our deep dive allowed us to build detailed threat research materials containing:

  • Over a thousand subdomains under the domain mypressonline[.]com
  • Hundreds of domains owned by a past registrant organization of the domain identified as IoC
  • Hundreds of domains resolving to the same IP address as the phishing host
  • Several domains and subdomains dubbed “dangerous” by various malware engines that when clicked could lead to bigger security problems

Download the threat research materials now to access the complete list of identified artifacts used to conduct additional enrichment and threat analysis.

---

  • [1] https://exchange.xforce.ibmcloud.com/collection/mypressonline-cdda8dd2b6eb9e5ecdce687fd407cfa2
Try our WhoisXML API for free
Get started