Stolen credit card data websites: https://ascarding.com/ >>> https://infodig.is/ infodig.ch. 600 IN A 194.87.185.141 infodig.domains. 600 IN A 194.87.185.141 infodig.sx. 600 IN A 194.87.185.141 ________________ Was: infodig.ch. 600 IN A 8.209.108.131 infodig.domains. 600 IN A 8.209.108.131 infodig.sx. 600 IN A 8.209.108.131 ________________ Was: infodig.ch. 600 IN A 185.185.68.68 infodig.domains. 600 IN A 185.185.68.68 infodig.sx. 600 IN… Читать далее Carding fraud site/forum: infodig.is (InfoDIG.sx InfoDIG.ch InfoDIG.domains infodig.mn)
affiliate spam @insidernewstoday.net
2022-01-06 insidernewstoday.net. 60 IN A 159.223.165.61 2021-11-16 insidernewstoday.net. 60 IN A 137.184.131.231 Received: from cj6i463.merrell.pl (23.97.251.208) From: Male Enhancement – Granite <cupEU@cupEU.fi> Subject: ❤️ Are you the Man you Could Be? Try Granite!❤️ Date: Sat, 13 Nov 2021 23:4x:xx +0000 http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=[] 34.133.11.23 https://puysegura.com/?E=[]&s1=16&s2=38226 18.236.164.87 https://enadtaerg.com/?E=[]&s1=16&s2=38226&ckmguid=[] 13.52.80.238 https://insidernewstoday.net/male/en/med-journal/v2/granite/?AFID=428015&CID=430234&ADID=2359327&SID=4504&AffiliateReferenceID=[] 208.68.36.33
spam emitters
Received: from s2.browesen.ru (s2.browesen.ru [92.53.87.27]) Date: Wed, 5 Jan 2022 20:1x:xx +0000 From: Aleksandr <info@s2.browesen.ru> Subject: Предложение 92.53.87.26 browesen.ru 92.53.87.27 browesen.ru 92.53.87.28 browesen.ru 92.53.87.29 browesen.ru 92.53.87.30 browesen.ru
phish source at solarwind.eu.com / espace2001.com
Compromised server emitting phish spam starting Wed, 05 Jan 2022 03:00 UTC. Envelope sender forged to be the recipient address. solarwind.eu.com. 38400 IN A 91.121.238.33 ns303b.espace2001.com. 38400 IN A 91.121.238.33 inetnum: 91.121.238.32 — 91.121.238.47 netname: espace2001-3 country: FR descr: espace2001-3 org: ORG-EA521-RIPE admin-c: OTC2-RIPE tech-c: OTC2-RIPE ================================================================= Received: from ns303b.espace2001.com (HELO ns303b.espace2001.com) (91.121.238.33) by x… Читать далее phish source at solarwind.eu.com / espace2001.com
Spamvertised bitcoin scam.
Was SBL539913 92.38.132.175 Resolving herocryptos.cn (herocryptos.cn)… 194.87.185.140 Connecting to herocryptos.cn (herocryptos.cn)|194.87.185.140|:80… connected. HTTP request sent, awaiting response… 302 Found Location: https://cryptodot.one/lead/1/4120f5431ea1e8d8952647dd9aed25aa [following] Was SBL539910 45.89.229.21/32 Resolving herocryptos.cn (herocryptos.cn)… 92.38.132.175 Connecting to herocryptos.cn (herocryptos.cn)|92.38.132.175|:80… connected. HTTP request sent, awaiting response… 302 Found Location: https://cryptodot.one/lead/1/xxx [following] Was SBL539440 — 194.87.185.48 Resolving herocryptos.cn (herocryptos.cn)… 45.89.229.21 Connecting to herocryptos.cn… Читать далее Spamvertised bitcoin scam.
phishing server
150.136.54.63|04reusps.com|2022-01-05 23:51:38
Malware botnet controllers @194.87.185.8
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.8 on port 443: $ telnet 194.87.185.8 443 Trying 194.87.185.8… Connected to 194.87.185.8. Escape character is… Читать далее Malware botnet controllers @194.87.185.8
phishing server
23.102.93.119|10000000056469465413221-ar.tk|2022-01-05 14:47:33 23.102.93.119|10000000056469465413222-ar.tk|2022-01-05 14:07:48 23.102.93.119|10000000056469465413223-ar.tk|2022-01-05 13:56:52 23.102.93.119|10000000056469465413224-ar.tk|2022-01-05 13:57:17 23.102.93.119|10000000056469465413225-ar.tk|2022-01-05 13:56:58 23.102.93.119|10000000056469465413226-ar.tk|2022-01-05 13:57:21 23.102.93.119|10000000056469465413227-ar.tk|2022-01-05 13:57:00 23.102.93.119|10000000056469465413228-ar.tk|2022-01-05 13:57:04 23.102.93.119|10000000056469465413229-ar.tk|2022-01-05 13:57:07 23.102.93.119|10000000056469465413230-ar.tk|2022-01-05 14:47:23 23.102.93.119|50000000000349875231298573.tk|2022-01-05 14:47:11 23.102.93.119|50000000000349875231298575.tk|2022-01-05 21:36:12 23.102.93.119|50000000000349875231298576.tk|2022-01-05 21:51:29 23.102.93.119|50000000000349875231298577.tk|2022-01-05 21:52:00 23.102.93.119|50000000000349875231298578.tk|2022-01-05 21:51:39 23.102.93.119|50000000000349875231298579.tk|2022-01-05 21:36:13 23.102.93.119|cph-5845753331-dk.ml|2022-01-05 14:46:50 23.102.93.119|cph-5845753332-dk.ml|2022-01-05 14:47:15 23.102.93.119|cph-5845753333-dk.ml|2022-01-05 13:57:17 23.102.93.119|cph-5845753334-dk.ml|2022-01-05 14:07:26 23.102.93.119|cph-5845753335-dk.ml|2022-01-05 13:57:03 23.102.93.119|cph-5845753338-dk.ml|2022-01-05 14:47:35 23.102.93.119|cph-5845753339-dk.ml|2022-01-05 13:57:17 23.102.93.119|enamor.info|2022-01-04 18:26:39
phishing server
20.185.182.65|auth08c-wells.com|2022-01-05 21:41:11 20.185.182.65|secure-04chase.com|2022-01-04 19:31:51
AveMariaRAT botnet controller @13.65.211.207
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 13.65.211.207 on port 5200 TCP: $ telnet 13.65.211.207 5200 Trying 13.65.211.207… Connected to 13.65.211.207. Escape character… Читать далее AveMariaRAT botnet controller @13.65.211.207