phishing server

Phishing since 4/2021 apparently. Citibank

143.198.66.140|citimarket.us|2021-10-22 12:16:59
143.198.66.140|citimarketaccess.com|2021-12-19 03:35:55
143.198.66.140|citimarketb.com|2021-12-19 02:46:17

Spammer hosting @159.223.7.31


Spam Emitter (OMICS)

This IP address is sending spam for OMICS (aka Remedy Publishers, Austin Publishers). The spam sent by this entity appears to be targeted at email addresses scraped from websites, Whois records, and other sources associated with academia and research organizations. OMICS operates a number of open access journals that it claims are peer reviewed, but…

phishing server

159.65.217.144|confirmdisco.com|2021-12-17 03:32:22
159.65.217.144|confirmreigons.com|2021-12-17 06:28:56
159.65.217.144|myinfo-citi.com|2021-12-17 02:12:40

App Development/Web Development/SEO spam operation loose on PHPList

In the past few days, a spam operation has been sending spam from PHPList. It uses many domains in the From headers of its emails, but other characteristics connect the messages. The number of domains is large, probably to evade domain blocklists. PHPList: Below is a set of redacted spam samples for you. We see…

Cybercriminal carding gang at cvv-net.su, cvv-ru.su etc.

Stolen credit card data websites:

Carding fraud site/forums: fe-acc18.ru (DNS)
