secure-boalogin.com has address 67.205.132.0
phishing server
secure-boasignin.com has address 162.243.160.125
Malware botnet controllers @95.213.165.229
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 212.193.50.94 on port 80 (using HTTP POST): hXXp://xacokuo80.top/ xacokuo80.top. 600 IN A 95.213.165.229 The host at this IP address is currently… Читать далее Malware botnet controllers @95.213.165.229
Malware botnet controller @194.87.1.69
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.1.69 on port 443: $ telnet 194.87.1.69 443 Trying 194.87.1.69… Connected to 194.87.1.69. Escape character is… Читать далее Malware botnet controller @194.87.1.69
spam support (domains)
domain used in spam operation fake store coupons/id theft listnets.com… 104.21.65.128, 172.67.145.109 Subject: Ace-Hardware.Shopper—Feedback— <registration@facebookmail.com>
spam support (domains)
domain used in spam operation fake store coupons/id theft listnets.com… 104.21.65.128, 172.67.145.109 Subject: Ace-Hardware.Shopper—Feedback— <registration@facebookmail.com>
Credit card fraud gang hosting (DNS): florenciyas.su (fe-shop.su / vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Stolen credit card data websites (DNS servers): ns1.florenciyas.su. 7174 IN A 212.109.195.164 ns2.florenciyas.su. 7167 IN A 194.53.111.144 __________________________ Was: ns1.florenciyas.su. 7174 IN A 138.124.182.69 ns2.florenciyas.su. 7167 IN A 95.181.172.156 __________________________ Was: ns1.florenciyas.su. 7174 IN A 185.246.67.177 ns2.florenciyas.su. 7167 IN A 5.188.88.98 ___________________________ Was: ns1.florenciyas.su. 7174 IN A 185.120.57.122 ns2.florenciyas.su. 7167 IN A 185.246.67.164 ___________________________ Was:… Читать далее Credit card fraud gang hosting (DNS): florenciyas.su (fe-shop.su / vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
T-shirt spammer landing sites.
A tiresome number of t-shirt spammers land here and have been doing so for quite a while now. 35.227.253.99 uglyzone.xyz 35.227.253.99 augustshirt.com 35.227.253.99 www.merch.rapcrusher.com 35.227.253.99 nativeprideshop.xyz 35.227.253.99 goteelight.net 35.227.253.99 laxurytee99.com 35.227.253.99 goodtrendstore.com 35.227.253.99 17-tee.com 35.227.253.99 nicetee4u.com 35.227.253.99 trndydesign.xyz 35.227.253.99 dotterprint.com 35.227.253.99 notionstyle.xyz 35.227.253.99 superfashions.store 35.227.253.99 great-tshirt.com 35.227.253.99 shirtsllcs.com 35.227.253.99 lionsprint.store 35.227.253.99 100ndquick.shop 35.227.253.99 printtee.xyz 35.227.253.99… Читать далее T-shirt spammer landing sites.
Cybercriminal credit-card theft carding gang at: cvvstore.cc, cc4you.su, kingscard.cc etc.
Stolen credit card data websites: 35.188.126.240 bigbase1.cc 2021-11-15 12:16:26 35.188.126.240 ccbase.cc 2021-11-18 11:37:23 35.188.126.240 crdshop.cc 2021-11-15 09:14:34 35.188.126.240 cvv-store.cc 2021-11-11 00:21:14 35.188.126.240 cvvstore.cc 2021-11-11 00:21:25 35.188.126.240 dstore.su 2021-11-24 17:14:34 35.188.126.240 kingscard.cc 2021-11-13 16:20:56 35.188.126.240 ltdcc1.cc 2021-11-11 00:20:52 35.188.126.240 sharkcc.cc 2021-11-13 16:21:02 35.188.126.240 trdbin.su 2021-11-26 13:38:12 35.188.126.240 ug4all.ru 2021-11-13 16:21:17 35.188.126.240 vendeta.su 2021-11-12 09:01:19 35.188.126.240 wuzzup.su… Читать далее Cybercriminal credit-card theft carding gang at: cvvstore.cc, cc4you.su, kingscard.cc etc.
DCRat botnet controller @168.119.140.238
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 168.119.140.238 on port 8848 TCP: $ telnet 168.119.140.238 8848 Trying 168.119.140.238… Connected to 168.119.140.238. Escape character… Читать далее DCRat botnet controller @168.119.140.238