User Tom60 joined AbuseIPDB in May 2026 and has reported 20 IP addresses.
Standing (weight) is good.
INACTIVE USER
| IP | Date | Comment | Categories |
|---|---|---|---|
| 🇫🇮 185.92.183.153 |
|
Hacking Exploited Host | |
| 🇨🇦 139.177.198.215 |
Active Lumma Stealer Drop Zone / Script host / Exfiltration server in snconor.vg:listed[web]
|
Hacking Exploited Host | |
| 🇳🇱 91.92.243.46 |
Active Lumma Stealer Command & Control (C2) server in springvc.cyou:listed[web]
|
Hacking Exploited Host | |
| 🇺🇸 104.21.83.73 |
|
Hacking Exploited Host | |
| 🇺🇸 188.114.96.6 |
|
Hacking Exploited Host | |
| 🇺🇸 185.230.63.186 |
Blog that distributed Lumma Stealer payload (befunoficial.com:listed[web])
|
Hacking Exploited Host | |
| 🇺🇸 18.116.101.220 |
Identified as part of Lumma Stealer malware infrastructure (C2 beaconing or payload distribution).
|
Hacking Exploited Host | |
| 🇺🇸 18.144.147.133 |
Identified as part of Lumma Stealer malware infrastructure (C2 beaconing or payload distribution).
|
Hacking Exploited Host | |
| 🇳🇱 204.76.203.206 |
Identified as part of Lumma Stealer malware infrastructure (C2 beaconing or payload distribution).
|
Hacking Exploited Host | |
| 🇳🇱 176.65.139.156 |
Identified as part of Lumma Stealer malware infrastructure (C2 beaconing or payload distribution).
|
Hacking Exploited Host |