Scam Campaign

Exe Scam — 94.156.102.255

Identified on 4/23/2026

Primary Entity

domain

94.156.102.255

High Risk

Flagged by Google Safe Browsing
No SSL certificate

Campaign Narrative

This cluster centers on 3 connected domains tagged as 178-16-55-23, exe, opendir. The domains include 94.156.102.255, 178.16.55.23, 147.93.3.139. 3 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus.

Flagged domains in this cluster, 94.156.102.255, 178.16.55.23, 147.93.3.139.

Do not click links to any of the flagged domains. If you have visited one, check your accounts for unauthorized activity and consider changing your passwords. You can report suspicious contacts to the FTC at reportfraud.ftc.gov or to the FCC at consumercomplaints.fcc.gov.

This campaign was identified through automated analysis of threat intelligence feeds and entity relationship mapping.

Entity Roster

Domains (3)

94.156.102.255High Risk
147.93.3.139High Risk
178.16.55.23High Risk

Data Sources

Google Safe Browsing
URLhaus

Related Campaigns

Other campaigns that share phone numbers, domains, or companies with this one.

Rev-Base64-Loader Infrastructure Cluster1 shared entity
Ascii Infrastructure Cluster1 shared entity
Censys Infrastructure Cluster1 shared entity
Connectwise Infrastructure Cluster1 shared entity
Dropped-By-Amadey Infrastructure Cluster1 shared entity
Ascii Infrastructure Cluster1 shared entity
Lotteries, prizes & sweepstakes Robocall Campaign1 shared entity
Dropped-By-Amadey Infrastructure Cluster1 shared entity
Debt Reduction Robocall Campaign1 shared entity
Dropped call or no message Robocall Campaign1 shared entity
Asyncrat Infrastructure Cluster1 shared entity
Lotteries, prizes & sweepstakes Robocall Campaign1 shared entity
Dropped call or no message Robocall Campaign1 shared entity
Gafgyt Infrastructure Cluster1 shared entity
Archive Scam — lun.marvek.live1 shared entity

Scam Prevention Resources

Parking Revenue Recovery Services Doesn't Exist

A fake company sends official-looking parking violation notices through the mail. The letters demand payment for violations that never happened at places you never parked.

Dating Site Wants Crypto to Unlock Your Match

The voting process never ends. The fixes cost more crypto each time. The girl you picked doesn't exist.

Scratch-Off Cards Promise Free Cruises and Luxury Showcases

Those winning scratch-off cards in your mailbox aren't what they seem. The cruise invitation is fake, and the real pitch comes later.

QR Code Traffic Tickets Arrive by Text and Mail

Fake court notices with QR codes are hitting phones and mailboxes. The codes lead to credential-harvesting sites designed to steal your personal information.

(888) 269-4978 Won't Stop Calling About Loans You Never Applied For

This number has generated over 1,300 complaints in 30 days. The victims all have one thing in common: phantom loan applications they never submitted.

View all articles

NordPass — Stop reusing passwords across accounts

After a breach, attackers try stolen passwords on every site you use. NordPass generates and stores a unique password for each account.

Try NordPassAffiliate link. We may earn a commission.

View all campaigns