July 2023 Incident Indicators of Compromise (IoCs)
2023-07-12 • JumpCloud
JumpCloud published a July 2023 incident IOC list for defenders responding to its targeted customer compromise investigation. The advisory identifies malicious domains to block for ingress and egress, including centos-repos.org, datadog-cloud.com, toyourownbeat.com, datadog-graph.com, primerosauxiliosperu.com, and canolagroove.com. It also provides representative file hashes across SHA256, SHA1, and MD5 families, including SHA256 values 9151ff77b65eeacd5cdddd13c041db3ad9818fd2aebe05d8745227fac7e516b8 and 4dc71b659c9277c7bb704392f8af5b6b2fbc9a66d3ad80d8cb4df0bd686f0e86. The source is an indicator-only support page, so the summary stays limited to defensive blocking guidance and does not add actor attribution.
Indicators of Compromise