The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 172.67.156.28 on port 80 (using HTTP POST): hXXp://opticallogz.xyz/oluwa/five/fre.php $ dig +short opticallogz.xyz 172.67.156.28 Referencing malware binaries (MD5 hash): 077755c67dcc6a0dbeb780ccedf28d18 — AV detection:… Читать далее Loki botnet controller @172.67.156.28
Рубрика: cloudflare.com
Loki botnet controller @172.67.149.73
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 172.67.149.73 on port 80 (using HTTP POST): hXXp://lokich.xyz/icecobe/so/lc.php $ dig +short lokich.xyz 172.67.149.73 Referencing malware binaries (MD5 hash): 87318f1d305066bd1c251de584450134 — AV detection:… Читать далее Loki botnet controller @172.67.149.73
Loki botnet controller @172.67.183.45
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 172.67.183.45 on port 80 (using HTTP POST): hXXp://hdmibonquet.ir/oge/five/fre.php $ dig +short hdmibonquet.ir 172.67.183.45 Referencing malware binaries (MD5 hash): f1a00a5cee1d447a64a26695ad573243 — AV detection:… Читать далее Loki botnet controller @172.67.183.45
Loki botnet controller @104.21.67.244
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.67.244 on port 80 (using HTTP POST): hXXp://hdmibonquet.ir/five/fre.php $ dig +short hdmibonquet.ir 104.21.67.244 Referencing malware binaries (MD5 hash): 47a0e4fec99c3018e70abdf75c4e210f — AV detection:… Читать далее Loki botnet controller @104.21.67.244
spam support (domains)
domain used in spam operation fake store coupons/id theft listnets.com… 104.21.65.128, 172.67.145.109 Subject: Ace-Hardware.Shopper—Feedback— <registration@facebookmail.com>
spam support (domains)
domain used in spam operation fake store coupons/id theft listnets.com… 104.21.65.128, 172.67.145.109 Subject: Ace-Hardware.Shopper—Feedback— <registration@facebookmail.com>
spam support (domains)
domain used in id theft operation dreadgeplot.com… 104.21.58.91, 172.67.202.136
spam support (domains)
domain used in id theft operation dreadgeplot.com… 104.21.58.91, 172.67.202.136
spam support (domains)
domain used in spam operation getfolifort.com 104.21.95.217
Loki botnet controller @104.21.79.142
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.79.142 on port 80 (using HTTP POST): hXXp://bouquetltd.xyz/five/fre.php $ dig +short bouquetltd.xyz 104.21.79.142 Referencing malware binaries (MD5 hash): 67ccc2f495dbb52f7268ace9b43c37bc — AV detection:… Читать далее Loki botnet controller @104.21.79.142