litreevtech - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User litreevtech joined AbuseIPDB in February 2026 and has reported 1,103 IP addresses.

Standing (weight) is good.

ACTIVE USER

IP	Date	Comment	Categories
🇩🇪 43.165.2.47	19 May 2026	TTPs: Impersonation of European law enforcement, fake government domains, cross-border SMS/iMessage ... show more TTPs: Impersonation of European law enforcement, fake government domains, cross-border SMS/iMessage delivery from Southeast Asia, and escalation threats. IoCs: https://otx.alienvault.com/pulse/6a0c40 show less	Phishing
🇲🇩 176.123.5.19	28 Apr 2026	The domain ashoo[.]buzz operates as a fraudulent impersonation site that copies and misuses the bran ... show more The domain ashoo[.]buzz operates as a fraudulent impersonation site that copies and misuses the brand, name, and visual elements of the legitimate adult platform Ashoo. The site blocks direct access and only opens when the browser’s Referer header shows it was reached via Google or Yandex search results. show less	Phishing
🇳🇱 185.197.162.140	23 Apr 2026	The domain b[.]prostitutki24[.]su is operating as a fraudulent impersonation site that deliberately ... show more The domain b[.]prostitutki24[.]su is operating as a fraudulent impersonation site that deliberately copies and misuses the brand, name, and elements of the legitimate adult entertainment platform Ashoo https://otx.alienvault.com/pulse/69ea517a5f0bd47c01d88fd6 show less	Phishing
🇷🇺 2a00:f940:2:2:1:1:0:18	22 Apr 2026	The domain ashoo-znakomstva[.]ru hosted on this IP address is operating as a fraudulent impersonatio ... show more The domain ashoo-znakomstva[.]ru hosted on this IP address is operating as a fraudulent impersonation site that deliberately copies and misuses the brand, name, and elements of the legitimate adult entertainment platform Ashoo. Threat Pulse on OTX: https://otx.alienvault.com/pulse/69e8e20bb9e91dec5330e3b4 show less	Phishing
🇷🇺 31.31.198.56	22 Apr 2026	The domain ashoo-znakomstva[.]ru hosted on this IP address is operating as a fraudulent impersonatio ... show more The domain ashoo-znakomstva[.]ru hosted on this IP address is operating as a fraudulent impersonation site that deliberately copies and misuses the brand, name, and elements of the legitimate adult entertainment platform Ashoo. Threat Pulse on OTX: https://otx.alienvault.com/pulse/69e8e20bb9e91dec5330e3b4 show less	Phishing
🇳🇱 185.246.188.31	17 Apr 2026	The domain ashoomoskva.[]com on this IP address is operating as a fraudulent impersonation site that ... show more The domain ashoomoskva.[]com on this IP address is operating as a fraudulent impersonation site that deliberately copies and misuses the brand, name, and elements of the legitimate adult entertainment platform Ashoo. Threat Pulse on OTX: https://otx.alienvault.com/pulse/69e26f6cb2397ab9987a36f5 show less	Phishing
🇷🇺 31.31.198.56	05 Apr 2026	Phishing resource impersonating adult entertainment platform Ashoo.	Phishing
🇷🇺 2a00:f940:2:2:1:1:0:18	05 Apr 2026	Phishing resource impersonating adult entertainment platform Ashoo.	Phishing
🇺🇸 15.197.240.20	26 Mar 2026	Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting ... show more Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting individuals in the Baltics. The threat actor is using the same exact payload as UNC6748, except for a different C2 endpoint (presumably because the old one is already present in threat intelligence feeds). https://otx.alienvault.com/pulse/69c5ad2cc15ddbc70c30c4fe show less	Phishing Hacking
🇺🇸 144.172.92.182	26 Mar 2026	Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting ... show more Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting individuals in the Baltics. The threat actor is using the same exact payload as UNC6748, except for a different C2 endpoint (presumably because the old one is already present in threat intelligence feeds). https://otx.alienvault.com/pulse/69c5ad2cc15ddbc70c30c4fe show less	Phishing Hacking
🇺🇸 192.185.85.28	26 Mar 2026	Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting ... show more Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting individuals in the Baltics. The threat actor is using the same exact payload as UNC6748, except for a different C2 endpoint (presumably because the old one is already present in threat intelligence feeds). https://otx.alienvault.com/pulse/69c5ad2cc15ddbc70c30c4fe show less	Phishing Hacking
🇺🇸 162.255.119.42	26 Mar 2026	Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting ... show more Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting individuals in the Baltics. The threat actor is using the same exact payload as UNC6748, except for a different C2 endpoint (presumably because the old one is already present in threat intelligence feeds). https://otx.alienvault.com/pulse/69c5ad2cc15ddbc70c30c4fe show less	Phishing Hacking
🇺🇸 91.236.230.154	26 Mar 2026	Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting ... show more Specified IPs were used by Russian state-sponsored hackers for DarkSword RCE exploitation, targeting individuals in the Baltics. The threat actor is using the same exact payload as UNC6748, except for a different C2 endpoint (presumably because the old one is already present in threat intelligence feeds). https://otx.alienvault.com/pulse/69c5ad2cc15ddbc70c30c4fe show less	Phishing Hacking
🇺🇸 2606:4700:3036::ac43:caed	06 Mar 2026	Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult ... show more Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇺🇸 2606:4700:3031::6815:162e	06 Mar 2026	Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult ... show more Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇺🇸 104.21.22.46	06 Mar 2026	Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult ... show more Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇺🇸 172.67.202.237	06 Mar 2026	Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult ... show more Listed as DNS record for domain 1ashooo[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇱🇹 2a02:4780:9:2178:0:115d:a14e:3	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇩🇪 2a02:4780:42:350d:49a2:78d8:5d75:add6	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇩🇪 2a02:4780:43:a4b0:743c:4f2e:87c1:9d32	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇳🇱 2a02:4780:32:67e0:e4ee:6186:da0:6135	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇳🇱 2a02:4780:23:ddf0:afca:8:1e:13ba	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇩🇪 2a02:4780:44:f625:1ec6:9a4e:dc51:65d5	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇩🇪 2a02:4780:45:790f:f5ac:3491:2eff:fb22	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing
🇩🇪 2a02:4780:42:169c:7631:cdda:a835:d3a6	25 Feb 2026	Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo ad ... show more Listed as DNS record for domain ashoodubai[.]com — phishing website impersonating authentic Ashoo adult entertainment platform. show less	Phishing