Carding fraud site/forum: rescator.at / rescator.cm / rescator.cn (lampeduza.cm / omerta.cc)

Stolen credit card data websites:

rescator.cn. 599 IN A 34.106.223.72

34.106.223.72 rescator.cm 2021-06-03 00:17:58
34.106.223.72 rescator.cn 2021-06-02 23:16:09

Phishing too?

34.106.223.72 mosmors236x.digital 2021-06-02 12:11:32
34.106.223.72 hakoland.digital 2021-06-02 07:02:13
34.106.223.72 akgerdanciger23.digital 2021-06-02 02:38:57
34.106.223.72 kaderutansin2.digital 2021-06-01 08:27:28
34.106.223.72 brlsdans2.digital 2021-06-01 02:15:47
34.106.223.72 motorkuryecagirgelsin.digital 2021-05-31 15:01:27
34.106.223.72 mollasdal.digital 2021-05-30 15:55:46
34.106.223.72 laledevricocuklari.digital 2021-05-30 15:45:53
34.106.223.72 romainhavasi24.digital 2021-05-28 01:10:53

_________________

Was:
rescator.cn. 599 IN A 47.254.133.224
rescator.cm. 599 IN A 47.254.133.224
rescator.sh. 599 IN A 47.254.133.224
_________________

Was:
rescator.cn. 599 IN A 35.222.193.82
_________________

Was:
rescator.cn
rescator.cm. 599 IN A 35.203.48.159
_________________

Was:

rescator.cm. 599 IN A 35.228.198.134
rescator.at. 599 IN A 35.228.198.134
rescator.cn. 413 IN A 35.228.198.134
_________________

Was:

rescator.cm. 599 IN A 35.230.130.174
rescator.at. 599 IN A 35.230.130.174
rescator.cn. 599 IN A 35.230.130.174

Seems to be phishing too:

35.230.130.174 application-accept.com 2021-02-21 21:22:17
35.230.130.174 application-review.com 2021-02-21 21:22:25
35.230.130.174 e210127.getprize.top 2021-02-21 10:31:57
35.230.130.174 getprize.top 2021-02-21 01:03:49
35.230.130.174 ghdffhdf.xyz 2021-02-21 19:10:40
35.230.130.174 mobile-application-4837.com 2021-02-21 21:23:06
35.230.130.174 rescator.cm 2021-02-22 16:00:56

_________________

Was:

rescator.cm. 599 IN A 34.65.116.184
rescator.at. 599 IN A 34.65.116.184

omerta.cc. 99 IN A 94.103.91.54

lampeduza.su. 14399 IN A 193.187.175.38

34.65.116.184 rescator.cm 2021-02-17 21:13:15
34.65.116.184 rescator.cn 2021-02-17 20:11:01
34.65.116.184 www.rescator.at 2021-02-13 09:44:33
34.65.116.184 www.rescator.cm 2021-02-13 13:42:29

193.187.175.38 briansdump.su 2021-02-11 03:58:41
193.187.175.38 buy-cc.ru 2021-02-13 18:46:36
193.187.175.38 cardertools.ru 2021-02-18 01:00:22
193.187.175.38 carding-planet.ru 2021-02-11 05:42:04
193.187.175.38 dump-shop.su 2021-02-15 07:03:44
193.187.175.38 dumpsgate.su 2021-02-16 02:08:39
193.187.175.38 feshop-forever.su 2021-02-10 11:57:02
193.187.175.38 fullz.ru 2021-02-13 06:22:07
193.187.175.38 mail.briansdump.su 2021-02-11 03:58:41
193.187.175.38 mail.cardersvilla.ru 2021-02-14 12:21:43
193.187.175.38 mail.carding-planet.ru 2021-02-11 18:55:19
193.187.175.38 mail.dumpsgate.su 2021-02-16 02:08:39
193.187.175.38 mail.lampeduza.su 2021-02-16 11:40:38
193.187.175.38 mail.logocc.su 2021-02-13 19:41:00
193.187.175.38 mail.monogo.ru 2021-02-11 19:19:57
193.187.175.38 mail.shoponlineshoppingnocvv.ru 2021-02-14 09:10:04
193.187.175.38 mail.smart-stripes.su 2021-02-11 19:34:54
193.187.175.38 mail.uni.ru.com 2021-02-14 08:41:05
193.187.175.38 monogo.ru 2021-02-14 06:37:01
193.187.175.38 number.ru.com 2021-02-11 23:32:41
193.187.175.38 pawnsh0p.su 2021-02-14 13:07:14
193.187.175.38 shopbestccshopforcarding.ru 2021-02-13 10:33:21
193.187.175.38 shopbuyccdumpsonline.ru 2021-02-14 10:50:31
193.187.175.38 shopbuycvvcreditcard.ru 2021-02-10 10:41:01
193.187.175.38 shopbuyliveccforcarding.ru 2021-02-11 10:20:18
193.187.175.38 shopbuywithoutcvv.ru 2021-02-14 10:47:21
193.187.175.38 shopcvvdebitcardmaestro.ru 2021-02-14 14:33:54
193.187.175.38 shopcvvdumpsforsale.ru 2021-02-14 11:02:12
193.187.175.38 shopcvvwithpin.ru 2021-02-10 10:34:17
193.187.175.38 shopgoswipecvv.ru 2021-02-14 10:53:24
193.187.175.38 shoplegitccshop.ru 2021-02-14 10:40:59
193.187.175.38 shopmastercvvcc.ru 2021-02-14 04:37:21
193.187.175.38 shoppurchasewithoutcvv.ru 2021-02-15 09:16:50
193.187.175.38 uni.ru.com 2021-02-14 08:41:05
193.187.175.38 www.carderscave.ru 2021-02-16 23:37:22
193.187.175.38 www.uni.ru.com 2021-02-18 04:08:35

_________________

Was:

lampeduza.su. 14399 IN A 35.154.235.234
_________________

Was:

lampeduza.su. 14399 IN A 176.119.157.97

_________________

Was:

lampeduza.su. 14399 IN A 212.109.195.23

omerta.cc. 99 IN A 62.113.119.150

rescator.cm. 59 IN A 45.123.190.77

2020-12-26 07:44:40 amexcardcvv.info A 212.109.195.23
2020-12-27 11:54:21 creditcardinfogenerator.info A 212.109.195.23
2020-12-27 11:43:36 cvshop.pw A 212.109.195.23
2020-12-26 02:51:43 feshop-forever.su A 212.109.195.23
2020-12-27 06:26:01 mail.briansdump.su A 212.109.195.23
2020-12-27 11:21:48 mail.buy-cc.ru A 212.109.195.23
2020-12-27 07:07:57 mail.buycreditcarddumps.info A 212.109.195.23
2020-12-28 14:21:16 mail.cardersvilla.ru A 212.109.195.23
2020-12-28 14:24:36 mail.cvv-seller.ru A 212.109.195.23
2020-12-27 12:26:33 mail.cvvnooncreditcard.info A 212.109.195.23
2020-12-28 14:26:19 mail.dumps-shop.su A 212.109.195.23
2020-12-26 11:56:33 mail.dumpscheck.ru A 212.109.195.23
2020-12-28 14:29:48 mail.feshop-forever.su A 212.109.195.23
2020-12-28 16:45:53 n1-shop.su A 212.109.195.23
2020-12-28 18:12:15 pawnsh0p.su A 212.109.195.23
2020-12-28 12:04:01 sellgoodcvv.info A 212.109.195.23
2020-12-26 09:49:44 shopbestccdumps.ru A 212.109.195.23
2020-12-27 09:40:30 shopfreshcvvshop.ru A 212.109.195.23
2020-12-28 08:23:43 thedumpcredit.info A 212.109.195.23
2020-12-26 11:47:36 validservice.ru A 212.109.195.23
2020-12-27 09:35:07 www.shopshoppingsiteswithoutcvvsecuritycode.ru A 212.109.195.23
2020-12-27 16:46:00 zanoled.su A 212.109.195.23

____________________

Was:

rescator.cm. 59 IN A 188.209.52.53
lampeduza.su. 14399 IN A 45.67.228.184
omerta.cc. 100 IN A 195.2.80.114

2020-09-30 07:55:22 4.rescator.cm A 188.209.52.53
2020-01-14 23:25:03 art22.groomlake.cc A 188.209.52.53
2019-10-23 02:20:14 brians.club A 188.209.52.53
2019-10-22 13:24:10 briansclub.at A 188.209.52.53
2019-10-25 13:34:22 briansclub.cm A 188.209.52.53
2020-04-19 23:15:23 ns1.dzdns.net.rescator.at A 188.209.52.53
2020-04-12 17:56:55 ns1.dzdns.net.rescator.cm A 188.209.52.53
2020-04-19 23:15:23 ns2.dzdns.net.rescator.at A 188.209.52.53
2020-04-12 17:56:55 ns2.dzdns.net.rescator.cm A 188.209.52.53
2020-04-19 23:15:23 rescator.at A 188.209.52.53
2020-04-12 17:56:55 rescator.cm A 188.209.52.53
2019-10-11 12:02:30 rescator.cn A 188.209.52.53
2020-08-29 05:52:23 rescator.sh A 188.209.52.53
2020-03-03 13:29:37 verified.sc A 188.209.52.53
2019-10-22 00:48:12 www.brians.club A 188.209.52.53
2020-08-23 02:35:39 www.rescator.at A 188.209.52.53
2020-04-12 17:57:26 www.rescator.cm A 188.209.52.53
2020-02-05 13:19:36 www.rescator.cn A 188.209.52.53
2020-09-04 07:15:06 www.verified.sc A 188.209.52.53

________________________

Was:

;; QUESTION SECTION:
;rescator.cm. IN ANY

;; ANSWER SECTION:
rescator.cm. 60 IN A 185.243.243.228
rescator.cm. 60 IN TXT «mailru-domain: aFcsOnQqsePpPftc»
rescator.cm. 60 IN SOA ns1.dzdns.net.rescator.cm. info.dzdns.net. 2018022751 1440 3600 2592000 60
rescator.cm. 120 IN NS ns2.dzdns.net.rescator.cm.
rescator.cm. 120 IN NS ns1.dzdns.net.rescator.cm.

___________

Was:

;; QUESTION SECTION:
;lampeduza.cm. IN ANY

;; ANSWER SECTION:
lampeduza.cm. 21600 IN TXT «v=spf1 redirect=_spf.yandex.net»
lampeduza.cm. 21600 IN SOA dns1.yandex.net. lampflow.yandex.ru. 2016032103 14400 900 1209600 14400
lampeduza.cm. 21600 IN MX 10 mx.yandex.net.
lampeduza.cm. 21600 IN NS dns1.yandex.net.
lampeduza.cm. 21600 IN NS dns2.yandex.net.

___________________

— Found authoritative nameserver: lara.ns.cloudflare.com
— contacting nameserver: lara.ns.cloudflare.com [173.245.58.128]

lampeduza.su A 104.24.123.24
lampeduza.su A 104.24.122.24

— DNS Lookup completed

____________________

— Found authoritative nameserver: ns1.dnspark.com
— contacting nameserver: ns1.dnspark.com [216.59.57.100]

omerta.cc SOA
origin = ns1.dnspark.com
mail addr = hostmaster@dnspark.com
serial = 1458605955
refresh = 14400 (4 hours)
retry = 7200 (2 hours)
expire = 1209600 (14 days)
minimum ttl = 3600 (1 hour)
omerta.cc NS ns1.dnspark.com
omerta.cc NS ns2.dnspark.net
omerta.cc A 185.36.102.114

— DNS Lookup completed

_________

Was:

[93.171.158.120]
NS1.LOVELY-POHOSTSEVICE.COM
NS2.LOVELY-POHOSTSEVICE.COM
NS3.LOVELY-POHOSTSEVICE.COM
NS4.LOVELY-POHOSTSEVICE.COM

Domain Name: OMERTA.CC
Domain ID: 96489781
WHOIS Server: whois.1api.net
Referral URL: http://www.1api.net
Updated Date: 2016-03-14T21:01:37Z
Creation Date: 2011-03-29T11:46:04Z
Registry Expiry Date: 2020-03-29T11:46:04Z
Sponsoring Registrar: 1 API GMBH
Sponsoring Registrar IANA ID: 1387
Domain Status: ok https://icann.org/epp#ok
Name Server: NS1.LOVELY-POHOSTSEVICE.COM
Name Server: NS2.LOVELY-POHOSTSEVICE.COM
DNSSEC: unsigned

Domain Name: LOVELY-POHOSTSEVICE.COM
Registrar: BIZCN.COM, INC.
Sponsoring Registrar IANA ID: 471
Whois Server: whois.bizcn.com
Referral URL: http://www.bizcn.com
Name Server: NS1.LOVELY-POHOSTSEVICE.COM
Name Server: NS2.LOVELY-POHOSTSEVICE.COM
Name Server: NS3.LOVELY-POHOSTSEVICE.COM
Name Server: NS4.LOVELY-POHOSTSEVICE.COM
Status: clientDeleteProhibited https://www.icann.org/epp#clientDeleteProhibited
Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Updated Date: 14-mar-2016
Creation Date: 14-mar-2016
Expiration Date: 14-mar-2017

_________

https://crimenetwork.biz/banner/rescator.gif
>>> https://rescator.cm/ [186.2.163.49]

=> https://lampeduza.cm/ [190.115.22.25] (was @ https://lampeduza.so/ )

=> http://omerta.cc [186.2.167.6]

— Found authoritative nameserver: ns1.ddos-guard.net
— contacting nameserver: ns1.ddos-guard.net [186.2.167.18]

rescator.cm SOA
origin = ns1.ddos-guard.net
mail addr = support@ddos-guard.net
serial = 1443541554
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
minimum ttl = 3600 (1 hour)
rescator.cm A 186.2.163.51
rescator.cm NS ns1.ddos-guard.net
rescator.cm NS ns2.ddos-guard.net
rescator.cm NS ns3.ddos-guard.net
rescator.cm NS ns4.ddos-guard.net
rescator.cm NS ns5.ddos-guard.net
rescator.cm NS ns6.ddos-guard.net
ns1.ddos-guard.net A 186.2.167.18
ns2.ddos-guard.net A 186.2.171.33
ns3.ddos-guard.net A 190.115.26.202
ns4.ddos-guard.net A 186.2.171.34
ns5.ddos-guard.net A 186.2.171.35
ns6.ddos-guard.net A 190.115.26.202

— DNS Lookup completed
____________

— Found authoritative nameserver: ns2.dnspark.com
— contacting nameserver: ns2.dnspark.com [104.153.199.100]

omerta.cc SOA
origin = ns1.dnspark.com
mail addr = hostmaster@dnspark.com
serial = 1457645128
refresh = 14400 (4 hours)
retry = 7200 (2 hours)
expire = 1209600 (14 days)
minimum ttl = 3600 (1 hour)
omerta.cc NS ns1.dnspark.com
omerta.cc NS ns2.dnspark.net
omerta.cc A 186.2.167.6

— DNS Lookup completed

Опубликовано
В рубрике google.com

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *