Stolen credit card data sites: «Fernandogoods.at -Old and trusted CVV shop — back to public scene!» https://procrd.biz/threads/fernandogoods-at-old-and-trusted-cvv-shop-back-to-public-scene.19143/page-4#post-141952 >>> https://Fernandogoods.at fernandogoods.at. 299 IN A 172.67.153.95 fernandogoods.at. 299 IN A 104.21.88.209 ___________________________ procrd.vc. 119 IN A 185.178.208.148 procrd.biz. 299 IN A 104.21.48.246 procrd.biz. 299 IN A 172.67.138.245 https://procrd.vc/ >>> https://approved.xxx/ http://amigos.to/register/bxe https://wsstore.cc/ https://www.fe-acc18.ru/ https://fernandogoods.at/ https://yalelodge.cm/ http://uas-service.su/ https://gonzo-cc.com/access/authorization… Читать далее Carding fraud site/forum: fernandogoods.at

Fraudulent «your norton security subscription have expired» phishing site valuewinno.com A 172.67.180.29 valuewinno.com A 104.21.75.184 Domain name: valuewinno.com Registry Domain ID: 2579612694_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2020-12-19T02:23:26.00Z Registrar Registration Expiration Date: 2021-12-19T02:23:26.00Z Registrar: NAMECHEAP INC Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Registrar Abuse Contact… Читать далее phishing site @ 172.67.180.29

Stolen credit card data website: cardingcode.com. 299 IN A 172.67.132.194 cardingcode.com. 299 IN A 104.21.5.22 ______________ WasL cardingcode.com. 21599 IN A 104.227.253.143 104.227.253.143 cvvcarbino.club 2021-04-05 18:38:15 104.227.253.143 ns1.cvvcarbino.club 2021-04-01 13:58:21 104.227.253.143 ns2.cvvcarbino.club 2021-04-01 13:58:21 104.227.253.143 www.cvvcarbino.club 2021-03-23 17:13:46 bvd41.cc. 1799 IN A 91.195.240.87 ______________ cardingcode.com. 1799 IN A 45.141.58.108 dc-8eb6c3ceb3a3.bvd41.cc «Pandora | Guias, bins, tutoriales… Читать далее Carding fraud site/forum: cardingcode.com (cvvcarbino.club / bvd41.cc)

Purchased or leasing domain. Using p01243@psilink.com to create false LOAs: ;; QUESTION SECTION: ;psilink.com. IN A ;; ANSWER SECTION: psilink.com. 299 IN A 104.21.23.21 psilink.com. 299 IN A 172.67.208.108 psilink.com. 299 IN MX 10 mx.yandex.net. Hijacking /16 range from long-dead corporation. _____________________________________________ April/21: Hijacked by AS398968 — INTERCONTINENTAL INTERNET DATA CORP This netblock appears to… Читать далее Hijacked IP space: Arthur Andersen & Co., S.C. — dead POC used to hijack: p01243@psilink.com

Spammer hosting located here: https://objectstorage.us-ashburn-1.oraclecloud.com/n/idqyn1owx1ll/b/njfrbizzgausse/o/1FRdqgqcalkdh.html -> https://www.hasadom2.com/X -> https://securedns.site/LtmVNo?aid=X —> https://only-promotion.com/41/mcgausse-m-med/gps/?X $ dig +short securedns.site 104.21.85.240 172.67.212.137 Spam sample ==================================================================== Received: from presentcharity.net (presentcharity.net [91.211.250.153]) by X (Postfix) with ESMTP id X for <X>; Mon, 3 May 2021 X DKIM-Signature: X DomainKey-Signature: X MIME-Version: 1.0 Message-Id: <X@presentcharity.net> From: =?UTF-8?B?Q2VudHJlIGRlIEx1dHRlIGNvbnRyZSBsYSBEb3VsZXVy?=<NKPbwYv@presentcharity.net> Subject: =?UTF-8?B?TGEgbWVpbGxldXJlIHNvbHV0aW9uIHBvdXIgbGVzIGRvdWxldXJzIGFydGljdWxhaXJlcywgbXVzY3VsYWlyZXMgZXQgdmVydMOpYnJhbGVz?= Reply-To: reply_to@presentcharity.net To: X… Читать далее Spammer hosting @104.21.85.240

Received: from inboxvia.jp.net (515879-cf59329.tmweb.ru. [92.53.124.54]) Date: [*date] From: TheSecret<[]@[].solution.ruddle.org> Subject: [],Start Getting REAL Results Today! https://storage.googleapis.com/[] => http://mynotifications.xyz/#?[] => https://smilesarefun.com/[] => https://heathlyhub.com/index2.php?s1=[] => https://gluebrush.com/?[] mynotifications.xyz. 60 IN A 95.138.193.220 smilesarefun.com. 300 IN A 181.214.121.98 heathlyhub.com. 300 IN A 104.21.50.128 heathlyhub.com. 300 IN A 172.67.163.58 gluebrush.com. 300 IN A 104.21.93.127 gluebrush.com. 300 IN A 172.67.209.229 If… Читать далее Spamvertised website

designanalyzer.com. 300 IN A 172.67.182.25 designanalyzer.com. 300 IN A 104.21.51.156 Received: from colondrag.com (colondrag.com [94.228.118.250]) Subject: Domain Notification for [] : This is your Final Notice of Domain Listing X-PHP-Originating-Script: 1000:alexusMailer_v1.7.2.php From: Domain Notice <hugo@hugoboss.com> Date: Tue, 11 May 2021 12:5x:xx +0300 Attention: Important Notice , DOMAIN SERVICE NOTICE Domain Name: [] Hi [] []… Читать далее Zoltán Zarka

greatvender.com. 300 IN A 172.67.136.183 greatvender.com. 300 IN A 104.21.62.151 Received: from fruithabitat.com (fruithabitat.com [109.68.214.93]) Subject: Domain Notification for [] : This is your Final Notice of Domain Listing X-PHP-Originating-Script: 1000:alexusMailer_v1.7.2.php From: Domain Notice <hugo@hugoboss.com> Date: Wed, 12 May 2021 08:3x:xx +0300 Attention: Important Notice , DOMAIN SERVICE NOTICE Domain Name: [] Hi [] []… Читать далее Zoltán Zarka

SBL518213 172.67.164.6 cloudflare.com 2021-03-06 Carding fraud site/forum: UNICC.CZ (uniccshop.cm / cardpin.org / crdshop.su / cclub.su / unicc.am / csu.su / abusehost.pro / dumpscrew.com / chindadump.su / dumpshop.net / dumpshop.cc)

trumps-dumps.cc. 299 IN A 104.21.79.89 trumps-dumps.cc. 299 IN A 172.67.169.109 dumpswithpin.shop. 14399 IN A 103.255.237.209 _________________________ Was: cardmafia.mn. 599 IN A 35.204.174.12 cc-dumps.su. 599 IN A 185.200.243.53 _________________________ Was: cardingmafia.pro. 599 IN A 91.241.19.41 cardingmafia.pro. 599 IN A 185.200.243.53 cardmafia.mn. 198 IN A 45.9.148.167 2020-07-13 04:36:55 approvedcc.su A 185.200.243.53 2020-07-29 04:19:59 carder.eu A 185.200.243.53 2020-07-29… Читать далее Credit card fraud domain hosting: trumps-dumps.cc (cardmafia.mn / dumpswithpin.shop)