cloudflare.com — Страница 9

SMS Spammer hosting

SMS Spammed URL: https://aircloak.co/[] Looks like a URL shortener, but all URLs redirect to https://newsfor24x7.com/lean/[] aircloak.co. 143 IN A 172.67.223.45 aircloak.co. 143 IN A 104.21.38.139 newsfor24x7.com. 300 IN A 172.67.194.201 newsfor24x7.com. 300 IN A 104.21.52.36 — Domain Name: aircloak.co Registry Domain ID: DC5DBB495F5274DEA959A0F9EEFC612A9-GDREG Registrar WHOIS Server: Registrar URL: www.ownregistrar.com Updated Date: 2022-01-27T11:31:14Z Creation Date: 2021-07-28T18:18:55Z… Читать далее SMS Spammer hosting

SMS Spammer hosting

Spam Hosting (traincpe.com) (Pioneer Educator)

1/31/2022: This spam domain has been moved to Cloudflare, masking its real location, after Newfold (Endurance) terminated services to it. Cloudflare, please do not allow it to abuse your resources. $ host traincpe.com traincpe.com has address 172.67.157.197 traincpe.com has address 104.21.90.147 traincpe.com has IPv6 address 2606:4700:3034::6815:5a93 traincpe.com has IPv6 address 2606:4700:3036::ac43:9dc5 traincpe.com mail is handled… Читать далее Spam Hosting (traincpe.com) (Pioneer Educator)

Spam Hosting (traincpe.com) (Pioneer Educator)

Spamvertised websites

Received: from DM5PR16CA0038.namprd16.prod.outlook.com (2603:10b6:4:15::24) From: «Amazing Deals» <[]@[].s100viewpoints.com> Subject: 𝖡𝖮𝖭𝖴𝖲: $𝟧𝟢 𝖠𝖼𝖾 𝖧𝖺𝗋𝖽𝗐𝖺𝗋𝖾 𝖦𝗂𝖿𝗍 𝖢𝖺𝗋𝖽 𝖮𝗉𝗉𝗈𝗋𝗍𝗎𝗇𝗂𝗍𝗒 Date: Thu, 03 Feb 2022 02:3x:xx +0000 http://s100viewpoints.com/[] 159.223.48.46 https://bgoleblnkt.com/?E=[] 208.91.105.3 https://fourtnthone.com/?E=[]s 208.91.105.3 http://wkhar.com/aff_c?offer_id=437&aff_id=1189&aff_sub=acehardware&aff_sub2=[]&aff_sub3=704499&aff_sub4=[] 172.67.180.20 https://savermanagement.ru/gupe/sivihi/gesu/index.php?rpclk=[] 172.67.208.106

Loki botnet controller @104.21.37.76

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.37.76 on port 80 (using HTTP POST): hXXp://mainlandtoisland.ml/BN2/fre.php $ dig +short mainlandtoisland.ml 104.21.37.76 Referencing malware binaries (MD5 hash): c02cb63889491bf66eb4c4393c484e05 — AV detection:… Читать далее Loki botnet controller @104.21.37.76

Loki botnet controller @172.67.131.97

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 172.67.131.97 on port 80 (using HTTP POST): hXXp://augmentinprod.ir/jin/five/fre.php $ dig +short augmentinprod.ir 172.67.131.97 Referencing malware binaries (MD5 hash): 56e39caae9b7926e6298ae0625bb9385 — AV detection:… Читать далее Loki botnet controller @172.67.131.97

Malware botnet controller @172.67.136.96

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 172.67.136.96 on port 80 (using HTTP GET): hXXp://askiff.xyz/cookie/useStatistics/count $ dig +short askiff.xyz 172.67.136.96 Referencing malware binaries (MD5 hash): 0cbc41dabe91178f48bdc58913c3bf02 — AV detection:… Читать далее Malware botnet controller @172.67.136.96

spam support (domains)

Domain used in spam operation myfamilyfun.club [172.67.214.170]

spam support (domains)

domain used in spam operation get-huusk.com [172.67.195.132]