Loki botnet controller @172.67.146.15

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 172.67.146.15 on port 80 (using HTTP POST):
hXXp://bouquetltd.xyz/five/fre.php
$ dig +short bouquetltd.xyz
172.67.146.15
Referencing malware binaries (MD5 hash):
67ccc2f495dbb52f7268ace9b43c37bc — AV detection:…

Loki botnet controller @172.67.160.125

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 172.67.160.125 on port 80 (using HTTP POST):
hXXp://hdmidu.xyz/five/fre.php
$ dig +short hdmidu.xyz
172.67.160.125
Other malicious domain names hosted on this IP address:…

Spammer hosting @104.21.63.238

Spammer hosting located here:
https://trk.klclick3.com/ls/click?upn=X
-> https://nostalgicgig.com/0/0/0/X
--> https://greenfeelingz.com/de-shark-1/index_2.php?id=X&s1=X&s2=X&s3=X
--> https://greenfeelingz.com/de-shark-1/?X
---> https://bibcart.com/click?trvid=X&s2=X&s1=X&s3=X
----> https://vkgtrack.com/?a=X&oc=X&c=X&s2=X
----> https://shop5.ultramaxtestoenhancer.com/#/de/main/?campaign=X&subid1=X&subid2=&subid3=X&subid4=&temp=X
$ dig +short greenfeelingz.com
104.21.63.238
172.67.173.27
Spam sample
==============================
Received: from mail-ua1-f49.google.com (mail-ua1-f49.google.com [209.85.222.49])
 by X (Postfix) with ESMTPS id X
 for <X>; Sat, 20 Nov 2021 X
Received: by mail-ua1-f49.google.com with SMTP id X
 for <X>; Sat,…

Spammer hosting @172.67.173.27

Spammer hosting located here:
https://trk.klclick3.com/ls/click?upn=X
-> https://nostalgicgig.com/0/0/0/X
--> https://greenfeelingz.com/de-shark-1/index_2.php?id=X&s1=X&s2=X&s3=X
--> https://greenfeelingz.com/de-shark-1/?X
---> https://bibcart.com/click?trvid=X&s2=X&s1=X&s3=X
----> https://vkgtrack.com/?a=X&oc=X&c=X&s2=X
----> https://shop5.ultramaxtestoenhancer.com/#/de/main/?campaign=X&subid1=X&subid2=&subid3=X&subid4=&temp=X
$ dig +short greenfeelingz.com
104.21.63.238
172.67.173.27
Spam sample
==============================
Received: from mail-ua1-f49.google.com (mail-ua1-f49.google.com [209.85.222.49])
 by X (Postfix) with ESMTPS id X
 for <X>; Sat, 20 Nov 2021 X
Received: by mail-ua1-f49.google.com with SMTP id X
 for <X>; Sat,…

Spammer hosting @104.26.6.82

Spammer hosting located here:
https://trk.klclick3.com/ls/click?upn=X
-> https://nostalgicgig.com/0/0/0/X
--> https://greenfeelingz.com/de-shark-1/index_2.php?id=X&s1=X&s2=X&s3=X
--> https://greenfeelingz.com/de-shark-1/?X
---> https://bibcart.com/click?trvid=X&s2=X&s1=X&s3=X
----> https://vkgtrack.com/?a=X&oc=X&c=X&s2=X
----> https://shop5.ultramaxtestoenhancer.com/#/de/main/?campaign=X&subid1=X&subid2=&subid3=X&subid4=&temp=X
$ dig +short shop5.ultramaxtestoenhancer.com
104.26.6.82
172.67.68.4
104.26.7.82
Spam sample
==============================
Received: from mail-ua1-f49.google.com (mail-ua1-f49.google.com [209.85.222.49])
 by X (Postfix) with ESMTPS id X
 for <X>; Sat, 20 Nov 2021 X
Received: by mail-ua1-f49.google.com with SMTP id X
 for <X>;…

Spammer hosting @172.67.68.4

Spammer hosting located here:
https://trk.klclick3.com/ls/click?upn=X
-> https://nostalgicgig.com/0/0/0/X
--> https://greenfeelingz.com/de-shark-1/index_2.php?id=X&s1=X&s2=X&s3=X
--> https://greenfeelingz.com/de-shark-1/?X
---> https://bibcart.com/click?trvid=X&s2=X&s1=X&s3=X
----> https://vkgtrack.com/?a=X&oc=X&c=X&s2=X
----> https://shop5.ultramaxtestoenhancer.com/#/de/main/?campaign=X&subid1=X&subid2=&subid3=X&subid4=&temp=X
$ dig +short shop5.ultramaxtestoenhancer.com
104.26.6.82
172.67.68.4
104.26.7.82
Spam sample
==============================
Received: from mail-ua1-f49.google.com (mail-ua1-f49.google.com [209.85.222.49])
 by X (Postfix) with ESMTPS id X
 for <X>; Sat, 20 Nov 2021 X
Received: by mail-ua1-f49.google.com with SMTP id X
 for <X>;…

Spammer hosting @104.26.7.82

Spammer hosting located here:
https://trk.klclick3.com/ls/click?upn=X
-> https://nostalgicgig.com/0/0/0/X
--> https://greenfeelingz.com/de-shark-1/index_2.php?id=X&s1=X&s2=X&s3=X
--> https://greenfeelingz.com/de-shark-1/?X
---> https://bibcart.com/click?trvid=X&s2=X&s1=X&s3=X
----> https://vkgtrack.com/?a=X&oc=X&c=X&s2=X
----> https://shop5.ultramaxtestoenhancer.com/#/de/main/?campaign=X&subid1=X&subid2=&subid3=X&subid4=&temp=X
$ dig +short shop5.ultramaxtestoenhancer.com
104.26.6.82
172.67.68.4
104.26.7.82
Spam sample
==============================
Received: from mail-ua1-f49.google.com (mail-ua1-f49.google.com [209.85.222.49])
 by X (Postfix) with ESMTPS id X
 for <X>; Sat, 20 Nov 2021 X
Received: by mail-ua1-f49.google.com with SMTP id X
 for <X>;…

Carding fraud site/forum: altenen.is / altenen.sk / altenen.st / altenen.pro / altenens.is / alboraaq.com

Stolen credit card data sites:
www.Altenen.sk + www.Altenen.St + www.Altenen.Pro + www.Alboraaq.com
Telegram Group : https://t.me/altenen_nz
Twitter : https://twitter.com/group_atn
Instagram : https://www.instagram.com/altenen.official/
https://altenen.is/ => https://altenens.is/
altenens.is. 300 IN A 172.67.176.196
altenens.is. 300 IN A 104.21.17.127
____________________________________
Was:
altenens.is. 300 IN A 190.115.22.179
____________________________________
Was:
altenens.is. 300 IN A 23.88.102.152
____________________________________
Was:
altenens.is. 300 IN A…

Loki botnet controller @172.67.148.74

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 172.67.148.74 on port 80 (using HTTP POST):
hXXp://aboliki.xyz/five/fre.php
$ dig +short aboliki.xyz
172.67.148.74
Other malicious domain names hosted on this IP address:…

Loki botnet controller @104.21.59.53

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 104.21.59.53 on port 80 (using HTTP POST):
hXXp://alenbrooksret.com/mobi/Panel/five/fre.php
$ dig +short alenbrooksret.com
104.21.59.53
Other malicious domain names hosted on this IP address:…