Автор: blog

Stolen credit card data sites: www.Altenen.sk + www.Altenen.St + www.Altenen.Pro + www.Alboraaq.com Telegram Group : https://t.me/altenen_nz Twitter : https://twitter.com/group_atn Instagram : https://www.instagram.com/altenen.official/ altenen.is. 299 IN A 104.21.31.235 altenen.is. 299 IN A 172.67.180.192 altenen.sk. 21599 IN A 194.58.112.173 altenen.st. 299 IN A 172.67.195.240 altenen.st. 299 IN A 104.21.68.141 altenen.pro. 1799 IN A 104.244.73.248 alboraaq.com. 299 IN… Читать далее Carding fraud site/forum: altenen.is / altenen.sk / altenen.st / altenen.pro / alboraaq.com

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 172.67.200.215 on port 80 (using HTTP POST): hXXp://ol.gamegame.info/report7.4.php $ dig +short ol.gamegame.info 172.67.200.215 Referencing malware binaries (MD5 hash): 0001759655eacb4e57bdf5e49c6e7585 — AV detection:… Читать далее Malware botnet controller @172.67.200.215

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 104.21.78.28 on port 80 (using HTTP POST): hXXp://by.dirfgame.com/report7.4.php $ dig +short by.dirfgame.com 104.21.78.28 Referencing malware binaries (MD5 hash): 0c3f670f496ffcf516fe77d2a161a6ee — AV detection:… Читать далее Malware botnet controller @104.21.78.28

Received: from mail.alotsofmagic.co (mail.alotsofmagic.co [64.225.79.5]) Date: Sat, 24 Jul 2021 05:1x:xx +0000 Subject: kans te maken op een weekend in een Van der Valk hotel. From: «Van der Valk hotel.» <mail@alotsofmagic.co> URL: https://soul.jackychecky.co/index.php/campaigns/[] Server IP address is 172.67.213.195 Location: https://coffeecome.co/biz3600 Server IP address is 172.67.176.85 Location: https://www.suppertous.com/[] Server IP address is 185.95.85.241 Location: https://go.nltrck.com/?c=387&s1=3219&s2=[] Server… Читать далее Spamvertised website

Received: from mail.alotsofmagic.co (mail.alotsofmagic.co [64.225.79.5]) Date: Sat, 24 Jul 2021 05:1x:xx +0000 Subject: kans te maken op een weekend in een Van der Valk hotel. From: «Van der Valk hotel.» <mail@alotsofmagic.co> URL: https://soul.jackychecky.co/index.php/campaigns/[] Server IP address is 172.67.213.195 Location: https://coffeecome.co/biz3600 Server IP address is 172.67.176.85 Location: https://www.suppertous.com/[] Server IP address is 185.95.85.241 Location: https://go.nltrck.com/?c=387&s1=3219&s2=[] Server… Читать далее Spamvertised website

hellenicloans.webs.com. 299 IN A 104.17.119.40 hellenicloans.webs.com. 299 IN A 104.16.140.31 Received: from mail-lf1-f53.google.com (HELO mail-lf1-f53.google.com) (209.85.167.53) by xxS; Wed, 21 Jul 2021 08:07:43 +0000 Received: by mail-lf1-f53.google.com with SMTP id xx; Wed, 21 Jul 2021 01:07:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:from:date:message-id:subject:to; bh=UKXOJqFntzTA+42U+ncp+9EwXkwepbOuPhrdB1ZCBTQ=; b=Y+KOh6zESPIw7Br3pM5J6oduB0NmClYRilRiR25kLlALvUgW3tkRE2Jp5OF8dadlZ3 aX2jYzpW5dMoHpf//Dw8rFTurUvbdqub1t1MTbueA+Kc0s5l+oRwGdD6bmwgftm5rREZ hPM78QbfUCtzBFJbuMMuspuHPvUS4WN5el3MbkWjBAxWlclcxRWPhERK0ixMy39GGGey KbGfzKHXxhRqnmob8ODOvKYNrAWQ7HAPZBCwZ54ARbV1mL9+5FLA3Arog4vhnXPPbU3d +fuqGts395WAIf4BfU747OK2RWwgVYJMiIk0TL2sptmDzPdKQBURYZCcJKvMkpYu15JM DKWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256;… Читать далее Fraud spam for: hellenicloans.webs.com (ignored by vistaprint.com)

Strange how Google IPs, DNS or registrar are not used by «Google CDN»… https://otx.alienvault.com/indicator/url/http://googlecdn.in/ 45.207.55.244 w71.googlecdn.in 2021-07-25 22:56:58 45.207.55.30 k48.googlecdn.in 2021-07-25 15:46:24 45.207.55.143 k76.googlecdn.in 2021-07-25 12:30:47 45.207.55.244 w47.googlecdn.in 2021-07-25 10:53:31 45.207.55.64 k51.googlecdn.in 2021-07-25 08:31:39 45.207.55.68 k58.googlecdn.in 2021-07-25 08:28:40 45.207.55.144 k80.googlecdn.in 2021-07-25 07:39:59 45.207.55.68 k57.googlecdn.in 2021-07-25 05:05:42 45.207.55.65 k52.googlecdn.in 2021-07-25 03:50:48 45.207.55.245 y53.googlecdn.in 2021-07-24 13:39:47 45.207.55.66… Читать далее Hosting Google phishing and/or fraud domain: googlecdn.in (DNS)

https://altenen.is/ >>> https://hgn01.ru/ hgn01.ru. 299 IN A 104.21.86.56 hgn01.ru. 299 IN A 172.67.215.89 hgn01.com. 299 IN A 104.21.2.237 hgn01.com. 299 IN A 172.67.129.207 hgnstore.to. 299 IN A 104.21.51.79 hgnstore.to. 299 IN A 172.67.177.99 _________________ Was: 111.90.141.126 hgn01.com 2021-07-13 13:51:21 111.90.141.126 hgn01.ru 2021-07-13 16:51:33 _________________ Was: hgn01.ru. 2701 IN A 186.2.171.3 186.2.171.3 hgn01.com 2021-07-03 03:00:41 186.2.171.3… Читать далее Carding fraud site/forum: hgn01.ru / hgn01.com / hgnstore.to

https://altenen.is/ >>> https://hgn01.ru/ hgn01.ru. 299 IN A 104.21.86.56 hgn01.ru. 299 IN A 172.67.215.89 hgn01.com. 299 IN A 104.21.2.237 hgn01.com. 299 IN A 172.67.129.207 hgnstore.to. 299 IN A 104.21.51.79 hgnstore.to. 299 IN A 172.67.177.99 _________________ Was: 111.90.141.126 hgn01.com 2021-07-13 13:51:21 111.90.141.126 hgn01.ru 2021-07-13 16:51:33 _________________ Was: hgn01.ru. 2701 IN A 186.2.171.3 186.2.171.3 hgn01.com 2021-07-03 03:00:41 186.2.171.3… Читать далее Carding fraud site/forum: hgn01.ru / hgn01.com / hgnstore.to

https://altenen.is/ >>> https://hgn01.ru/ hgn01.ru. 299 IN A 104.21.86.56 hgn01.ru. 299 IN A 172.67.215.89 hgn01.com. 299 IN A 104.21.2.237 hgn01.com. 299 IN A 172.67.129.207 hgnstore.to. 299 IN A 104.21.51.79 hgnstore.to. 299 IN A 172.67.177.99 _________________ Was: 111.90.141.126 hgn01.com 2021-07-13 13:51:21 111.90.141.126 hgn01.ru 2021-07-13 16:51:33 _________________ Was: hgn01.ru. 2701 IN A 186.2.171.3 186.2.171.3 hgn01.com 2021-07-03 03:00:41 186.2.171.3… Читать далее Carding fraud site/forum: hgn01.ru / hgn01.com / hgnstore.to