Spammer hosting @172.67.70.232

Spammer hosting located here:

https://t.raptorsmartadvisor.com/.lty?url=inother.me?X
-> http://inother.me/?X
-> https://www.loansidemed.com/X
-> https://translatorenence.com/articles/japan-tech/?lX

$ dig +short t.raptorsmartadvisor.com
104.26.9.80
172.67.70.232
104.26.8.80

Spam sample
==============================================
Received: from whale.canuswim.pro ([138.91.52.151]) by X with ESMTP id X; Wed, 30 Mar 2022 X
Received: from tpgau.xyz (unknown [74.63.254.136]) by X (Postfix) with ESMTP id X for <X; Wed, 30 Mar 2022 X…

Spammer hosting @104.21.80.160

Spammer hosting located here:

https://t.raptorsmartadvisor.com/.lty?url=inother.me?X
-> http://inother.me/?X
-> https://www.loansidemed.com/X
-> https://translatorenence.com/articles/japan-tech/?lX

$ dig +short translatorenence.com
104.21.80.160
172.67.151.118

Spam sample
==============================================
Received: from whale.canuswim.pro ([138.91.52.151]) by X with ESMTP id X; Wed, 30 Mar 2022 X
Received: from tpgau.xyz (unknown [74.63.254.136]) by X (Postfix) with ESMTP id X for <X; Wed, 30 Mar 2022 X
MIME-Version:…

Spammer hosting @104.26.8.80

Spammer hosting located here:

https://t.raptorsmartadvisor.com/.lty?url=inother.me?X
-> http://inother.me/?X
-> https://www.loansidemed.com/X
-> https://translatorenence.com/articles/japan-tech/?lX

$ dig +short t.raptorsmartadvisor.com
104.26.9.80
172.67.70.232
104.26.8.80

Spam sample
==============================================
Received: from whale.canuswim.pro ([138.91.52.151]) by X with ESMTP id X; Wed, 30 Mar 2022 X
Received: from tpgau.xyz (unknown [74.63.254.136]) by X (Postfix) with ESMTP id X for <X; Wed, 30 Mar 2022 X…

Spammer hosting @172.67.151.118

Spammer hosting located here:

https://t.raptorsmartadvisor.com/.lty?url=inother.me?X
-> http://inother.me/?X
-> https://www.loansidemed.com/X
-> https://translatorenence.com/articles/japan-tech/?lX

$ dig +short translatorenence.com
104.21.80.160
172.67.151.118

Spam sample
==============================================
Received: from whale.canuswim.pro ([138.91.52.151]) by X with ESMTP id X; Wed, 30 Mar 2022 X
Received: from tpgau.xyz (unknown [74.63.254.136]) by X (Postfix) with ESMTP id X for <X; Wed, 30 Mar 2022 X
MIME-Version:…

Spam A/MX (OMIcS)

This IP address hosts the A record of the domain clinicsinoncology.com. This domain belongs to OMICS, a publisher of "open-access" journals that solicits contributions and (by implication) fees and/or subscriptions, through spam sent to scraped, purchased or appended lists.

Received: from host3.vcomwebtech.com (host3.vcomwebtech.com [137.59.201.212])
Date: Wed, 30 Mar 2022 23:##:## +0000
From: Clinics in Oncology™…

AZORult botnet controller @104.21.89.109

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

AZORult botnet controller located at 104.21.89.109 on port 80 (using HTTP POST):
hXXp://bl1we4t.xyz/index.php

$ dig +short bl1we4t.xyz
104.21.89.109

Malware botnet controller @188.114.96.7

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 188.114.96.7 on port 80 (using HTTP GET):
hXXp://fairsence.com/campaign/

$ dig +short fairsence.com
188.114.96.7

Referencing malware binaries (MD5 hash):
0064caa7177eaa04510478f45c135cb7 — AV detection:…

ArkeiStealer botnet controller @104.21.80.230

ArkeiStealer botnet controller hosted here:

https://c.im/@banda3ker
https://c.im/@killern3ax
https://c.im/@kipriauk11
https://c.im/@prophef3
https://c.im/@sergeev47

$ dig +short c.im
104.21.80.230
172.67.155.17

ArkeiStealer botnet controller @172.67.155.17

ArkeiStealer botnet controller hosted here:

https://c.im/@banda3ker
https://c.im/@killern3ax
https://c.im/@kipriauk11
https://c.im/@prophef3
https://c.im/@sergeev47

$ dig +short c.im
104.21.80.230
172.67.155.17

Loki botnet controller @188.114.96.15

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 188.114.96.15 on port 80 (using HTTP POST):
hXXp://chrisupdated.xyz/ttboi/five/fre.php

$ dig +short chrisupdated.xyz
188.114.96.15

Referencing malware binaries (MD5 hash):
01dfa2db4bfb87e5a5d2d4e5d8c00f5f — AV detection:…