Рубрика: amazon.com

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 13.58.89.178 on port 80 (using HTTP POST): hXXp://13.58.89.178/contador/serv.php $ nslookup 13.58.89.178 ec2-13-58-89-178.us-east-2.compute.amazonaws.com

185.187.116.126 mail116-126.us2.msgfocus.com «mail116-126.us2.msgfocus.com» 2022-02-06T22:00:00Z (+/-10 min) 185.187.116.126/32 (185.187.116.126 .. 185.187.116.126) == Sample ========================== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=msgf; d=msgfocus.com; h=Subject:Message-ID:Reply-To:To:List-Unsubscribe:From:Date:MIME-Version: Content-Type; bh=.*=; b=.*t.* .*M.* .*= Subject: President Trump dropped a bomb on Hannity Message-ID: <.*-7Wsn.*-.*-1.*4.*@email.nrscfundraising.org> Reply-To: «MAJOR Trump Alert (via NRSC)» <.*> To: .* List-Unsubscribe: <mailto:.*?subject=Unsubscribe> From: «MAJOR Trump Alert (via NRSC)» <info@email.nrscfundraising.org> Date: .*… Читать далее spam source

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 18.222.122.216 on port 80 (using HTTP POST): hXXp://18.222.122.216/Contador/serv.php $ nslookup 18.222.122.216 ec2-18-222-122-216.us-east-2.compute.amazonaws.com

Received: from orangepix.it (66.152.162.73) Date: Tue, 8 Feb 2022 06:3x:xx -0500 From: 🔴 ʀᴇfɪɴᴀɴsɪᴇʀ ᴅᴇɴ ᴅʏʀᴇ sᴍÅɢᴊᴇʟᴅᴇɴ <[]> Subject: ＦＬＥＫＳＩＢＬＥ ０Ｇ ＵＳＩＫＲＥＤＥ ＬÅＮ ＩＮＮＴＩＬ ５ＯＯ，ＯＯＯ ＫＲ https://shoutout.wix.com/so/[] 185.230.63.199 https://s3.amazonaws.com/retraitesdfgsrsz/[] 54.231.137.168 http://madesurf.com/qs=[] 66.85.46.254 https://koffdeal.com/?a=1478&oc=11217&c=32713&m=3&s1=[]&s2=[]&s3=55 35.204.100.162 https://vijfhoof.com/?a=1478&oc=11217&c=32713&m=3&s1=[]&s2=[]&s3=55&ckmguid=[] 35.204.23.131 https://finansnord.no/?&clickid=[]&campaign=1050&affid=1478 172.105.93.105

Received: from dispatchb-us1.ppe-hosted.com (45.153.231.123) Date: Mon, 07 Feb 2022 21:5x:xx +0000 From: iPad Pro, iPad Pro <info@mail.socialdeal.nl> Subject: RE: U bent gekozen om gratis deel te nemen aan ons loyaliteitsprogramma! http://protected.digital/rd/[] 192.236.147.189 https://yellowheating.com/[] 193.124.15.153 https://jumblemumble.com/?s1=350712&s2=[]&s3=2466&s4=0&s10=25 172.67.214.60 https://unisonoverpas.com/[] 172.67.179.168 https://beastupz.com/click?s2=[]&s1=350712&s3=2466&trvid=10434 54.82.90.61 https://coupvariant.com/?a=162&c=3957&s2=[] 172.67.215.131 https://slim.footballgreethem.com/nl-nl/?o=3998&r=[]&a=162&sa= 104.21.51.16 https://payment.ohmyzpot.com/0ab9e/gateway.html?sid=[] 188.114.97.0

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 15.223.46.207 on port 5552 TCP: $ telnet 15.223.46.207 5552 Trying 15.223.46.207… Connected to 15.223.46.207. Escape character… Читать далее njrat botnet controller @15.223.46.207

[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. w 54.240.27.54 a27-54.smtp-out.us-west-2.amazonses.com «a27-54.smtp-out.us-west-2.amazonses.com» 2022-02-07T16:00:00Z (+/-10 min) w 54.240.27.58 a27-58.smtp-out.us-west-2.amazonses.com «a27-58.smtp-out.us-west-2.amazonses.com»… Читать далее spam source

[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. w 54.240.27.54 a27-54.smtp-out.us-west-2.amazonses.com «a27-54.smtp-out.us-west-2.amazonses.com» 2022-02-07T16:00:00Z (+/-10 min) w 54.240.27.58 a27-58.smtp-out.us-west-2.amazonses.com «a27-58.smtp-out.us-west-2.amazonses.com»… Читать далее spam source

[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. w 54.240.11.6 a11-6.smtp-out.amazonses.com «a11-6.smtp-out.amazonses.com» 2022-01-16T22:50:00Z (+/-10 min) w 54.240.11.73 a11-73.smtp-out.amazonses.com «a11-73.smtp-out.amazonses.com»… Читать далее spam source

[!] This SBL record is to show an example of ongoing network abuse. It currently is not being published in the SBL list, but is instead being presented on the webpage so that the network owner has evidence to investigate and correct the problem. w 54.240.10.18 a10-18.smtp-out.amazonses.com «a10-18.smtp-out.amazonses.com» 2022-01-21T00:00:00Z (+/-10 min) 54.240.10.18/32 (54.240.10.18 .. 54.240.10.18)… Читать далее spam source