Attack Server

Website Exploit Attack server
1637914606.020 0 139.59.74.137 TCP_DENIED/403 4034 GET http://X.X.X.X/phpMyAdmin-5/index.php? - HIER_NONE/- text/html
1637914606.516 0 139.59.74.137 TCP_DENIED/403 4019 GET http://X.X.X.X/PMA2020/index.php? - HIER_NONE/- text/html
1637914607.010 0 139.59.74.137 TCP_DENIED/403 4022 GET http://X.X.X.X/database/index.php? - HIER_NONE/- text/html
1637914607.508 1 139.59.74.137 TCP_DENIED/403 4033 GET http://X.X.X.X/sql/myadmin/index.php? - HIER_NONE/- text/html
1637914608.000 0 139.59.74.137 TCP_DENIED/403 4030 GET http://X.X.X.X/db/myadmin/index.php? - HIER_NONE/- text/html
1637914608.506…

spam support (domains)

Domain used in likely ID theft/phishing: surveytoday.co… 159.89.188.73
Subject: $100-in-ExclusiveRewards — ProvideYourOpinionOnApple

Scareware scam.

The usual throbbing, badly written Japanese "your PC is hacked" call this number 050-5050-0978

phishing server


phish source

Phish source. Problem started around Mon, 22 Nov 2021 13:20 UTC.
44.247.166.188.in-addr.arpa. 852 IN PTR bizcloud-power.asahiseiko.co.jp.
Does not resolve forward because they do not own that domain, it is a forgery.
=============================================================================
Return-Path: <mail@altech.co.jp>
Received: from bizcloud-power.asahiseiko.co.jp (HELO mta0.asahiseiko.co.jp) (188.166.247.44) by x (x) with ESMTP; Mon, 22 Nov 2021 xx:xx:xx +0000
From: "x" <mail@altech.co.jp>
To:…

CompanyLeads.org

CompanyLeads.org. 300 IN A 137.184.44.221
Received: from [103.13.114.169] (helo=stuff.datalist.me)
Date: Tue, 23 Nov 2021 06:4x:xx +0100
From: Maria Hanson <maria@datalist.me>
Subject: UK Leads Black Friday

Hi from CompanyLeads.org
We are running a special on our UK Database! 16,290,681 Leads for a mere £49 once off.
Visit us on CompanyLeads.org/UK
Thank you!
Maria Hanson

Cybercriminal carding gang at cvv-net.su, cvv-ru.su etc.

Stolen credit card data websites.
Was: cvv-net.su. 3599 IN A…

Untitled

hXXps://auth2wells.com/
$ host auth2wells.com
auth2wells.com has address 138.197.130.206
Tracing authwellsfargo2connection.com …
--2021-11-21 05:18:02-- http://authwellsfargo2connection.com/
--2021-11-21 05:18:03-- https://auth2wells.com/