$ host danske-kirjaudusisaan.xyz danske-kirjaudusisaan.xyz has address 172.67.184.151 danske-kirjaudusisaan.xyz has address 104.21.59.222 danske-kirjaudusisaan.xyz has IPv6 address 2606:4700:3037::6815:3bde danske-kirjaudusisaan.xyz has IPv6 address 2606:4700:3035::ac43:b897
Phishing payload against Danske (Nordic banking group)
$ host danske-kirjaudusisaan.xyz danske-kirjaudusisaan.xyz has address 172.67.184.151 danske-kirjaudusisaan.xyz has address 104.21.59.222 danske-kirjaudusisaan.xyz has IPv6 address 2606:4700:3037::6815:3bde danske-kirjaudusisaan.xyz has IPv6 address 2606:4700:3035::ac43:b897
Phishing payload against POP Pankki (Finnish banking group)
$ host pop-paasysuoraan.co pop-paasysuoraan.co has address 104.21.16.186 pop-paasysuoraan.co has address 172.67.215.138 pop-paasysuoraan.co has IPv6 address 2606:4700:3031::6815:10ba pop-paasysuoraan.co has IPv6 address 2606:4700:3030::ac43:d78a
Phishing payload against POP Pankki (Finnish banking group)
$ host pop-paasysuoraan.co pop-paasysuoraan.co has address 104.21.16.186 pop-paasysuoraan.co has address 172.67.215.138 pop-paasysuoraan.co has IPv6 address 2606:4700:3031::6815:10ba pop-paasysuoraan.co has IPv6 address 2606:4700:3030::ac43:d78a
Phishing payload against Danske (Nordic banking group)
$ host danske-asiakas.quest danske-asiakas.quest has address 104.21.62.173 danske-asiakas.quest has address 172.67.137.227 danske-asiakas.quest has IPv6 address 2606:4700:3032::ac43:89e3 danske-asiakas.quest has IPv6 address 2606:4700:3037::6815:3ead
Phishing payload against Danske (Nordic banking group)
$ host danske-asiakas.quest danske-asiakas.quest has address 104.21.62.173 danske-asiakas.quest has address 172.67.137.227 danske-asiakas.quest has IPv6 address 2606:4700:3032::ac43:89e3 danske-asiakas.quest has IPv6 address 2606:4700:3037::6815:3ead
Phishing payload against Aktia (Finnish bank)
$ host aktiay.xyz aktiay.xyz has address 172.67.206.69 aktiay.xyz has address 104.21.66.176 aktiay.xyz has IPv6 address 2606:4700:3032::ac43:ce45 aktiay.xyz has IPv6 address 2606:4700:3031::6815:42b0
Phishing payload against Aktia (Finnish bank)
$ host aktiay.xyz aktiay.xyz has address 172.67.206.69 aktiay.xyz has address 104.21.66.176 aktiay.xyz has IPv6 address 2606:4700:3032::ac43:ce45 aktiay.xyz has IPv6 address 2606:4700:3031::6815:42b0
OskiStealer botnet controller @172.67.218.147
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. OskiStealer botnet controller located at 172.67.218.147 on port 80 (using HTTP POST): hXXp://stanelectronics.xyz/6.jpg $ dig +short stanelectronics.xyz 172.67.218.147 Other malicious domain names hosted on this IP address:… Читать далее OskiStealer botnet controller @172.67.218.147
Vjw0rm botnet controller @40.88.141.204
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 40.88.141.204 on port 6200 TCP: $ telnet 40.88.141.204 6200 Trying 40.88.141.204… Connected to 40.88.141.204. Escape character… Читать далее Vjw0rm botnet controller @40.88.141.204