3fs08KRy
2017-01-12 02:02:10

GBA report


starting with :
tomklconsultant.us

other domains with IP history at :
108.170.51.58

phishing :
tomklconsultant.us/P/GD/
tomklconsultant.us/C5/GD/
tomklconsultant.us/F/GD/
icpbbuk.com/Uvrify/main/
icpbbuk.com/congb/cgbcsclient/
icpbbuk.com/falcons/ztech/
icpbbuk.com/gnbb/gntycustomerID/
icpbbuk.com/ice/Loggs/
icpbbuk.com/rsbin/verifysource/
icpbbuk.com/summitafprint/
jackson-villeusacc.us/xmas/univers/
netupdate.co/lk/
netupdate.co/met/
netupdate.co/mt/
netupdate.co/mt2/
secrononline.com/Mod/good/goods_2015/goodd_2015/
shhhconstruction.us/b/GD/
shhhconstruction.us/c/GD/
shhhconstruction.us/dp/pdf.adobe.cloud/pdfcloudportal.php
shhhconstruction.us/dp/pdf.adobe.cloud.zip
shhhconstruction.us/l/GD/
tkgconstruction.us/a/sign/
tkgconstruction.us/b/new%20boa/
tkgconstruction.us/n/GD/
tkgconstruction.us/q/HMRC/
tkgconstruction.us/ssh/GD/
tkgconstruction.us/yah/yh98ujg/verify.html


pony panels :
bonchams.com/panel/admin.php
china-shanfs.com/Panel/admin.php
enyinnagroupofcompanys.co.in/Panel/admin.php
stallonnuel.com/NEW/Panel/admin.php
wens-chmapio.com/xmas/admin.php
buchiike.com/Panel/admin.php

malware :
clsoxinfo.com/file/%2AFilename.exe
clsoxinfo.com/Filename/%2AFile.exe



icpbbuk.com FURSYTHE02@YAHOO.CO.UK -> 251 domains, many suspicious
jackson-villeusacc.us starslogs@gmail.com -> 2 domains, nbd
secrononline.com mark.gutierrez@mail.com -> 1 domain
shhhconstruction.us lovingman4you@outlook.com -> 1 domain
tkgconstruction.us tm0935k@gmail.com -> 1 domain
bonchams.com proximo60@yahoo.com -> 18 domains
china-shanfs.com emekaohiacharles@gmail.com -> 4 domains, 3 crime
enyinnagroupofcompanys.co.in allwebmailforwarding@gmail.com -> 3 domains, nbd
stallonnuel.com moranjessca@gmail.com -> 1 domain
wens-chmapio.com likar.esquel.com@gmail.com -> 1 domain
buchiike.com drkenowen@yahoo.co.uk -> 8 domains, 2 crime
clsoxinfo.com ekeadatrust25@yahoo.com -> 37 domains



More phishing and panels via registrant GBA :

FURSYTHE02@YAHOO.CO.UK
phishing :
icpbbuk.com/Uvrify/main/
icpbbuk.com/congb/cgbcsclient/
icpbbuk.com/falcons/ztech/
icpbbuk.com/gnbb/gntycustomerID/
icpbbuk.com/ice/Loggs/
icpbbuk.com/rsbin/verifysource/
icpbbuk.com/summitafprint/
unitedbswiss.com
odd collection of fake banks? phishing? what the fuck?
impcapb.com
conglbk.com
prmtbk.com
spbnk-uk.com
gmbplc.com
turb-uk.com
icpb-uk.com
flntb.com
interesting :
muslimcharitiesuk.org


emekaohiacharles@gmail.com
phishing :
zijcz.com
my-2017-protection.com
pony :
china-shanfs.com/Panel/admin.php


proximo60@yahoo.com
ipsy :
ywuonan.com/sub/WebPanel/login
ywuonan.com/WebPanel/login
pony :
bonchams.com/panel/admin.php


drkenowen@yahoo.co.uk
pony :
pappyme.com/Panel/admin.php
buchiike.com/Panel/admin.php