Carding fraud site/forum: softsportal.su (briansclub.cm / briansclub.at) (phishing too?)

Stolen credit card data sites:

softsportal.su. 599 IN A 34.95.164.126

34.95.164.126 bigchopz.com 2021-04-22 15:25:48
34.95.164.126 hs-secure-id392.com 2021-04-20 13:20:38
34.95.164.126 securityidv.com 2021-04-22 15:36:14
34.95.164.126 yourcontrolboard.com 2021-04-22 18:27:36

_____________________

Was:

Related phish?

www-ama-zon.de-ap-signin-encoding-mr-c12-3e7-a90-cc-qd.ru. 599 IN A 34.73.229.21

34.73.229.21 bigchopz.com 2021-04-13 21:55:17
34.73.229.21 softsportal.su 2021-04-14 06:10:54

briansclub.cm. 1 IN A 8.209.73.178
briansclub.at. 599 IN A 8.209.73.178
________

Was:

briansclub.cm. 599 IN A 34.89.90.228

34.89.90.228 briansclub.cm 2021-03-04
34.89.90.228 briansclub.at 2021-03-04
34.89.90.228 www-ama-zon.de-ap-signin-encoding-mr-c12-3e7-a90-cc-qd.ru 2021-03-02
________

rescator.cm. 599 IN A 35.228.131.165

35.228.131.165 rescator.cn 2021-03-06
35.228.131.165 rescator.cm 2021-03-04
35.228.131.165 ns1.dzdns.net.rescator.at 2021-03-03
35.228.131.165 4jslg.rescator.cm 2021-03-01
35.228.131.165 ns2.dzdns.net.rescator.cm 2021-02-27

________________

Was:

rescator.cm. 599 IN A 34.90.252.91

briansclub.at. 59 IN A 62.182.84.13

lampeduza.su. 14399 IN A 46.173.214.19

________________

Was:

rescator.cm. 599 IN A 8.208.82.213

briansclub.at. 59 IN A 62.182.84.13
briansclub.cm. 59 IN A 62.182.84.13

lampeduza.su. 14399 IN A 91.206.92.216

omerta.cc. 99 IN A 83.220.168.39

_______________

Was:

rescator.cm. 59 IN A 145.239.90.54

2021-01-06 11:24:29 briansclub.at A 145.239.90.54
2021-01-06 11:24:52 briansclub.cm A 145.239.90.54

_______________

Was:

lampeduza.su. 14399 IN A 212.109.195.23

omerta.cc. 99 IN A 62.113.119.150

rescator.cm. 59 IN A 45.123.190.77

____________________

Was:

rescator.cm. 59 IN A 188.209.52.53
lampeduza.su. 14399 IN A 45.67.228.184
omerta.cc. 100 IN A 195.2.80.114

________________________

Was:

;; QUESTION SECTION:
;rescator.cm. IN ANY

;; ANSWER SECTION:
rescator.cm. 60 IN A 185.243.243.228
rescator.cm. 60 IN TXT "mailru-domain: aFcsOnQqsePpPftc"
rescator.cm. 60 IN SOA ns1.dzdns.net.rescator.cm. info.dzdns.net. 2018022751 1440 3600 2592000 60
rescator.cm. 120 IN NS ns2.dzdns.net.rescator.cm.
rescator.cm. 120 IN NS ns1.dzdns.net.rescator.cm.

___________

Was:

;; QUESTION SECTION:
;lampeduza.cm. IN ANY

;; ANSWER SECTION:
lampeduza.cm. 21600 IN TXT "v=spf1 redirect=_spf.yandex.net"
lampeduza.cm. 21600 IN SOA dns1.yandex.net. lampflow.yandex.ru. 2016032103 14400 900 1209600 14400
lampeduza.cm. 21600 IN MX 10 mx.yandex.net.
lampeduza.cm. 21600 IN NS dns1.yandex.net.
lampeduza.cm. 21600 IN NS dns2.yandex.net.

___________________

— Found authoritative nameserver: lara.ns.cloudflare.com
— contacting nameserver: lara.ns.cloudflare.com [173.245.58.128]

lampeduza.su A 104.24.123.24
lampeduza.su A 104.24.122.24

— DNS Lookup completed

____________________

— Found authoritative nameserver: ns1.dnspark.com
— contacting nameserver: ns1.dnspark.com [216.59.57.100]

omerta.cc SOA
origin = ns1.dnspark.com
mail addr = hostmaster@dnspark.com
serial = 1458605955
refresh = 14400 (4 hours)
retry = 7200 (2 hours)
expire = 1209600 (14 days)
minimum ttl = 3600 (1 hour)
omerta.cc NS ns1.dnspark.com
omerta.cc NS ns2.dnspark.net
omerta.cc A 185.36.102.114

— DNS Lookup completed

_________

Was:

[93.171.158.120]
NS1.LOVELY-POHOSTSEVICE.COM
NS2.LOVELY-POHOSTSEVICE.COM
NS3.LOVELY-POHOSTSEVICE.COM
NS4.LOVELY-POHOSTSEVICE.COM

Domain Name: OMERTA.CC
Domain ID: 96489781
WHOIS Server: whois.1api.net
Referral URL: http://www.1api.net
Updated Date: 2016-03-14T21:01:37Z
Creation Date: 2011-03-29T11:46:04Z
Registry Expiry Date: 2020-03-29T11:46:04Z
Sponsoring Registrar: 1 API GMBH
Sponsoring Registrar IANA ID: 1387
Domain Status: ok https://icann.org/epp#ok
Name Server: NS1.LOVELY-POHOSTSEVICE.COM
Name Server: NS2.LOVELY-POHOSTSEVICE.COM
DNSSEC: unsigned

Domain Name: LOVELY-POHOSTSEVICE.COM
Registrar: BIZCN.COM, INC.
Sponsoring Registrar IANA ID: 471
Whois Server: whois.bizcn.com
Referral URL: http://www.bizcn.com
Name Server: NS1.LOVELY-POHOSTSEVICE.COM
Name Server: NS2.LOVELY-POHOSTSEVICE.COM
Name Server: NS3.LOVELY-POHOSTSEVICE.COM
Name Server: NS4.LOVELY-POHOSTSEVICE.COM
Status: clientDeleteProhibited https://www.icann.org/epp#clientDeleteProhibited
Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Updated Date: 14-mar-2016
Creation Date: 14-mar-2016
Expiration Date: 14-mar-2017

_________

https://crimenetwork.biz/banner/rescator.gif
>>> https://rescator.cm/ [186.2.163.49]

=> https://lampeduza.cm/ [190.115.22.25] (was @ https://lampeduza.so/ )

=> http://omerta.cc [186.2.167.6]

— Found authoritative nameserver: ns1.ddos-guard.net
— contacting nameserver: ns1.ddos-guard.net [186.2.167.18]

rescator.cm SOA
origin = ns1.ddos-guard.net
mail addr = support@ddos-guard.net
serial = 1443541554
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
minimum ttl = 3600 (1 hour)
rescator.cm A 186.2.163.51
rescator.cm NS ns1.ddos-guard.net
rescator.cm NS ns2.ddos-guard.net
rescator.cm NS ns3.ddos-guard.net
rescator.cm NS ns4.ddos-guard.net
rescator.cm NS ns5.ddos-guard.net
rescator.cm NS ns6.ddos-guard.net
ns1.ddos-guard.net A 186.2.167.18
ns2.ddos-guard.net A 186.2.171.33
ns3.ddos-guard.net A 190.115.26.202
ns4.ddos-guard.net A 186.2.171.34
ns5.ddos-guard.net A 186.2.171.35
ns6.ddos-guard.net A 190.115.26.202

— DNS Lookup completed
____________

— Found authoritative nameserver: ns2.dnspark.com
— contacting nameserver: ns2.dnspark.com [104.153.199.100]

omerta.cc SOA
origin = ns1.dnspark.com
mail addr = hostmaster@dnspark.com
serial = 1457645128
refresh = 14400 (4 hours)
retry = 7200 (2 hours)
expire = 1209600 (14 days)
minimum ttl = 3600 (1 hour)
omerta.cc NS ns1.dnspark.com
omerta.cc NS ns2.dnspark.net
omerta.cc A 186.2.167.6

— DNS Lookup completed
