anonsec - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User anonsec joined AbuseIPDB in April 2026 and has reported 10 IP addresses.

Standing (weight) is good.

INACTIVE USER

IP	Date	Comment	Categories
🇷🇺 193.143.1.186	05 May 2026	C2 Domain in a malware sample from latest RenEngine infostealer campaing	Phishing Hacking
🇷🇺 193.143.1.186	05 May 2026	C2 Domain used in RenEngine infostealer campaing, seen here : https://tria.ge/260505-yhl6taew6x	Phishing Hacking
🇧🇬 79.124.59.142	29 Apr 2026	Confirmed Command & Control (C2) Gate for LummaC2 infostealer. The IP is hosting active exfiltration ... show more Confirmed Command & Control (C2) Gate for LummaC2 infostealer. The IP is hosting active exfiltration endpoints at /cl-ncl-following and /cl-ncl-finalize. Returns 405 Method Not Allowed to GET requests, but accepts encrypted POST payloads from infected hosts. Associated with a 2026 RenEngine/Lumma campaign. show less	Phishing Hacking Exploited Host Web App Attack
🇺🇸 104.26.0.161	27 Apr 2026	URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat ... show more URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat Ahmedovich. Involved in credential theft via fake cloud lures. Hosting infrastructure: AS210006. Source URL: https://filehost.sbs/share.php?api=1&t=4a16395e1e4d2c77c766ec8436d30b show less	Phishing Hacking Web App Attack
🇺🇸 104.21.77.136	27 Apr 2026	URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat ... show more URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat Ahmedovich. Involved in credential theft via fake cloud lures. Hosting infrastructure: AS210006. Source URL: https://srv7.sharehost30.sbs/share/4a16395e1e4d2c77c766ec8436d30b show less	Phishing Hacking Web App Attack
🇺🇸 188.114.96.10	27 Apr 2026	URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat ... show more URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat Ahmedovich. Involved in credential theft via fake cloud lures. Hosting infrastructure: AS210006. Source URL: https://node8.filehost83.sbs/939e973c415c54f2edc741504297b9 show less	Phishing Hacking Web App Attack
🇺🇸 188.114.97.10	27 Apr 2026	URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat ... show more URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat Ahmedovich. Involved in credential theft via fake cloud lures. Hosting infrastructure: AS210006. Source URL: https://file667714.cloud02y.cfd/ show less	Phishing Hacking Web App Attack
🇺🇸 104.21.76.65	27 Apr 2026	URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat ... show more URL-linked Malware distribution node. Part of Lumma Stealer TDS campaign linked to Shereverov Marat Ahmedovich. Involved in credential theft via fake cloud lures. Hosting infrastructure: AS210006. Source URL: https://get377629.host41p.cfd/ show less	Phishing Hacking Web App Attack
🇫🇮 45.87.249.0	27 Apr 2026	Confirmed Lumma Stealer / StealerC distribution node. TDS infrastructure linked to Shereverov Marat ... show more Confirmed Lumma Stealer / StealerC distribution node. TDS infrastructure linked to Shereverov Marat Ahmedovich. Part of AS210006. Participating in large-scale credential theft via fake cloud storage lures. show less	Phishing Hacking Web App Attack
🇫🇮 178.20.210.0	27 Apr 2026	Confirmed Lumma Stealer / StealerC distribution node. TDS infrastructure linked to Shereverov Marat ... show more Confirmed Lumma Stealer / StealerC distribution node. TDS infrastructure linked to Shereverov Marat Ahmedovich. Part of AS210006. Participating in large-scale credential theft via fake cloud storage lures. show less	Phishing Hacking Web App Attack