$ host danske-asiakas.quest danske-asiakas.quest has address 104.21.62.173 danske-asiakas.quest has address 172.67.137.227 danske-asiakas.quest has IPv6 address 2606:4700:3032::ac43:89e3 danske-asiakas.quest has IPv6 address 2606:4700:3037::6815:3ead
Рубрика: cloudflare.com
Phishing payload against Danske (Nordic banking group)
$ host danske-asiakas.quest danske-asiakas.quest has address 104.21.62.173 danske-asiakas.quest has address 172.67.137.227 danske-asiakas.quest has IPv6 address 2606:4700:3032::ac43:89e3 danske-asiakas.quest has IPv6 address 2606:4700:3037::6815:3ead
Phishing payload against Aktia (Finnish bank)
$ host aktiay.xyz aktiay.xyz has address 172.67.206.69 aktiay.xyz has address 104.21.66.176 aktiay.xyz has IPv6 address 2606:4700:3032::ac43:ce45 aktiay.xyz has IPv6 address 2606:4700:3031::6815:42b0
Phishing payload against Aktia (Finnish bank)
$ host aktiay.xyz aktiay.xyz has address 172.67.206.69 aktiay.xyz has address 104.21.66.176 aktiay.xyz has IPv6 address 2606:4700:3032::ac43:ce45 aktiay.xyz has IPv6 address 2606:4700:3031::6815:42b0
OskiStealer botnet controller @172.67.218.147
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. OskiStealer botnet controller located at 172.67.218.147 on port 80 (using HTTP POST): hXXp://stanelectronics.xyz/6.jpg $ dig +short stanelectronics.xyz 172.67.218.147 Other malicious domain names hosted on this IP address:… Читать далее OskiStealer botnet controller @172.67.218.147
Phishing payload against the Finnish national health
$ host danske-pankki.work danske-pankki.work has address 172.67.211.228 danske-pankki.work has address 104.21.85.232 danske-pankki.work has IPv6 address 2606:4700:3034::ac43:d3e4 danske-pankki.work has IPv6 address 2606:4700:3034::6815:55e8 hxxps[://]danske-pankki[.]work/kanta.php — geoblocked by cloudflare from anywhere else but the intended target market, confirmed by VPN
Phishing payload against the Finnish national health
$ host danske-pankki.work danske-pankki.work has address 172.67.211.228 danske-pankki.work has address 104.21.85.232 danske-pankki.work has IPv6 address 2606:4700:3034::ac43:d3e4 danske-pankki.work has IPv6 address 2606:4700:3034::6815:55e8 hxxps[://]danske-pankki[.]work/kanta.php — geoblocked by cloudflare from anywhere else but the intended target market, confirmed by VPN
Phishing payload against OP Financial Group (Finland)
$ host op-paasy.work op-paasy.work has address 172.67.199.154 op-paasy.work has address 104.21.36.209 op-paasy.work has IPv6 address 2606:4700:3035::ac43:c79a op-paasy.work has IPv6 address 2606:4700:3033::6815:24d1
Phishing payload against OP Financial Group (Finland)
$ host op-paasy.work op-paasy.work has address 172.67.199.154 op-paasy.work has address 104.21.36.209 op-paasy.work has IPv6 address 2606:4700:3035::ac43:c79a op-paasy.work has IPv6 address 2606:4700:3033::6815:24d1
Spamvertised domain hosting
Based on research, analysis of network data, our ‘snowshoe’ spam detection systems, intelligence sources and our experience, Spamhaus believes that this IP address range is being used or is about to be used for the purpose of high volume ‘snowshoe’ spam emission. As a precaution therefore we are listing this IP range in an SBL… Читать далее Spamvertised domain hosting