The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://petknorra.com/index.php petknorra.com. 600 IN A 95.213.216.169 Referencing malware binaries (MD5 hash): 4e221de7e53d00818f4bd091ee3f85a6 — AV detection: 25 / 67 (37.31)
Carding fraud site/forum: wixxx.cc
Stolen credit card data websites. «WIXXX.CC ▶ CC+CVV» https://procrd.biz/threads/wixxx-cc-cc-cvv.22870/page-2#post-142105 >>> https://wixxx.cc/login.php https://carder.uk/ >>> https://wixxx.cc/login.php wixxx.cc. 600 IN A 95.213.216.151 _____________ Was: wixxx.cc. 600 IN A 45.10.110.238 _____________ Was: wixxx.cc. 600 IN A 109.107.188.164 _____________ Was: wixxx.cc. 600 IN A 185.252.147.71 _____________ Was: wixxx.cc. 600 IN A 91.240.242.69 _____________ Was: wixxx.cc. 600 IN A 93.189.42.86 _____________… Читать далее Carding fraud site/forum: wixxx.cc
Carding fraud site/forum: altenen.is / altenen.sk / altenen.st / altenen.pro / altenens.is / alboraaq.com
Stolen credit card data sites: www.Altenen.sk + www.Altenen.St + www.Altenen.Pro + www.Alboraaq.com Telegram Group : https://t.me/altenen_nz Twitter : https://twitter.com/group_atn Instagram : https://www.instagram.com/altenen.official/ https://altenen.is/ => https://altenens.is/ altenens.is. 300 IN A 172.67.176.196 altenens.is. 300 IN A 104.21.17.127 ____________________________________ Was: altenens.is. 300 IN A 190.115.22.179 ____________________________________ Was: altenens.is. 300 IN A 23.88.102.152 ____________________________________ Was: altenens.is. 300 IN A… Читать далее Carding fraud site/forum: altenen.is / altenen.sk / altenen.st / altenen.pro / altenens.is / alboraaq.com
RedLineStealer botnet controller @95.216.168.100
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 95.216.168.100 on port 38784 TCP: $ telnet 95.216.168.100 38784 Trying 95.216.168.100… Connected to 95.216.168.100. Escape character… Читать далее RedLineStealer botnet controller @95.216.168.100
phishing server
134.122.62.157|gr-online-security.link|2021-11-19 01:55:45
phishing server
137.184.158.63|secureciti-044.com|2021-11-19 01:55:43
phishing server
159.65.250.235|citizens04-userverify.com|2021-11-19 00:20:44 159.65.250.235|web03-userverify.com|2021-11-15 19:56:05 159.65.250.235|web03-userverlfy.com|2021-11-17 01:46:12 159.65.250.235|web03-uservify.com|2021-11-16 16:26:29
phishing server
34.106.84.215|citi-secur0973.com|2021-11-18 19:01:47 34.106.84.215|citiverifyuser.com|2021-11-18 02:36:37 34.106.84.215|verifysecurciti.com|2021-11-18 01:55:49 34.106.84.215|verifysecure-citi.com|2021-11-18 18:31:23
Malware distribution @95.213.216.152
The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://petknorra.com/index.php petknorra.com. 600 IN A 95.213.216.152 Referencing malware binaries (MD5 hash): 4e221de7e53d00818f4bd091ee3f85a6 — AV detection: 25 / 67 (37.31)
Vjw0rm botnet controller @3.134.115.127
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 3.134.115.127 on port 51078 TCP: $ telnet 3.134.115.127 51078 Trying 3.134.115.127… Connected to 3.134.115.127. Escape character… Читать далее Vjw0rm botnet controller @3.134.115.127