Fodcha botnet controller hosted here: $ dig +short fridgexperts.cc 194.156.224.102 170.187.254.249 162.33.177.146 194.53.108.90 5.253.235.163 162.33.178.66 172.105.241.100 194.53.108.94 See also: https://buaq.net/go-109482.html
phishing server
20.127.2.83|auth05-wells.com|2022-04-14 00:21:26 20.127.2.83|secure-28wells.com|2022-04-13 11:41:40 20.127.2.83|secure84-chase.com|2022-04-14 01:54:17 20.127.2.83|secure98-wells.com|2022-04-13 19:41:59
Без названия
143.198.105.76|fraud-citi-ath.com|2022-04-13 11:47:38 143.198.105.76|info-citi-a6.com|2022-04-13 02:36:39 143.198.105.76|info-citi-k8.com|2022-04-14 01:44:53 143.198.105.76|wells-fargo-a8.com|2022-04-13 07:34:49 143.198.105.76|wells-fargo-k3.com|2022-04-11 06:52:19
phishing server
45.132.17.85|www.amazon.fankiutnb.club|2022-04-13 19:52:34 45.132.17.85|www.amazon.uoyt3.club|2022-04-13 17:02:41
Malware botnet controller @20.197.177.145
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.197.177.145 on port 80 (using HTTP POST): hXXp://20.197.177.145/MEU/serv.php Referencing malware binaries (MD5 hash): 9df8bf2e2d212f8a8ce51c5d91712478 — AV detection: 4 / 59 (6.78)
Malware / Botnet / Phishing hosting server @35.225.187.192
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 35.225.187.192 on port 443: $ telnet 35.225.187.192 443 Trying 35.225.187.192… Connected to 35.225.187.192. Escape character is ‘^]’ Malicious domains observed at this IP… Читать далее Malware / Botnet / Phishing hosting server @35.225.187.192
phishing server
35.247.106.229|redirect0-nfauth.ipq.co|2022-04-13 12:03:38 shoveitdown-auth.duckdns.org has address 35.247.106.229 hXXps://shoveitdown-auth.duckdns.org/login/
phishing server
104.131.77.178|e-unlock.me|2022-04-08 15:47:32 104.131.77.178|farg0-unlock.online|2022-04-08 14:57:51 104.131.77.178|hume.fruehling.us|2022-03-22 11:59:41 104.131.77.178|hybridconnect.online|2022-04-10 14:32:30 104.131.77.178|identifyfag0.online|2022-04-08 17:46:56 104.131.77.178|secure0user-verify.info|2022-04-06 23:46:09 104.131.77.178|user0verify.info|2022-04-12 22:48:23 104.131.77.178|user0verify.live|2022-04-13 17:43:01 104.131.77.178|verify-citi.online|2022-04-01 15:16:57 hXXps://citizen0verify-userr.duckdns.org/Dashboard/Application/index.php citizen0verify-userr.duckdns.org has address 104.131.77.178
phishing server
161.97.153.76|findmyiphones.us|2022-03-01 20:56:12 161.97.153.76|findmylost-iphone.live|2022-04-03 07:36:45 161.97.153.76|findmylphones.com|2022-02-08 12:19:35 161.97.153.76|findmyphone-icloud.com|2022-01-04 10:32:12 161.97.153.76|findmyphones-icloud.com|2022-04-10 18:01:46 161.97.153.76|findmyphones.info|2022-04-03 07:42:04 161.97.153.76|findmyphones.live|2022-04-03 07:42:39 161.97.153.76|fr-assistances.online|2022-04-10 12:27:22 161.97.153.76|gps-location-view.com|2022-04-10 08:07:12 161.97.153.76|icloud-enligne.com|2022-04-05 16:47:43 161.97.153.76|icloud-find-live.us|2022-03-10 08:02:53 161.97.153.76|icloud-find.su|2022-03-28 07:38:04 161.97.153.76|icloud-findmy.com-me.live|2022-02-18 02:58:12 161.97.153.76|icloud-findmyphone.live|2022-04-12 15:17:49 161.97.153.76|icloud-findmys.com|2022-03-20 14:36:52 161.97.153.76|icloud-info.com|2022-04-10 11:41:47 161.97.153.76|icloud-live.com|2022-04-10 11:41:53 161.97.153.76|icloud-on-ligne.com|2022-04-10 11:41:51 161.97.153.76|icloud-supports.us|2022-02-19 16:15:48 161.97.153.76|idevicealert.live|2022-04-10 08:46:41 161.97.153.76|incicloud.com|2022-04-10 15:56:46 161.97.153.76|iphone-imaps.com|2022-04-10 18:46:35 161.97.153.76|iserverpro.us|2022-04-08 15:57:13 161.97.153.76|lcloud-verifier.com|2022-01-31 09:32:07 161.97.153.76|lcloudlocation-vlew.com|2022-04-09 02:56:16 161.97.153.76|lcloudmap.net|2022-01-17 15:06:35 161.97.153.76|localisermoniphones.com|2022-03-20 23:51:24 161.97.153.76|locate-device-appfmi.com|2022-02-08… Читать далее phishing server
phishing server
20.77.56.159|irs-manage-profile-refund.com|2022-04-13 00:40:08