citizens-auth.com has address 165.232.156.64 citzens-sec.com has address 165.232.156.64
Category: digitalocean.com
WSHRAT botnet controller @137.184.6.37
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 137.184.6.37 on port 7121 TCP: $ telnet 137.184.6.37 7121 Trying 137.184.6.37… Connected to 137.184.6.37. Escape character… Read more WSHRAT botnet controller @137.184.6.37
Spamvertised website
2021-10-26 crystals.com.de. 60 IN A 165.232.118.6 2021-10-25 crystals.com.de. 60 IN A 46.101.3.14 Received: from gotogml.com (gotogml.com. [185.122.223.223]) From: 🔔Gemeentelijk Energie <[]@gotogml.com> Date: Fri, 08 Oct 2021 09:1x:xx +0000 Subject: Nieuw in uw gemeente: bespaar via het Gemeentelijke Energie Collectief http://crystals.com.de/rd/[] 185.146.157.69 https://laudypauty.com/[] 209.159.146.166 https://sendt.go2cloud.org/aff_c?offer_id=2893&aff_id=1482&aff_sub=472864&aff_sub2=[]&aff_sub3=31 18.202.12.61
Estonian corporate undertaker spam
Return-Path: <eisoovi2021@gmail.com> Received: from keen-bose.206-189-108-1.plesk.page (unknown [206.189.108.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by x (Postfix) with ESMTPS id x for <x>; Mon, 25 Oct 2021 ##:##:## +0000 (UTC) or Received: from sad-volhard.143-110-216-170.plesk.page (unknown [143.110.216.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by x… Read more Estonian corporate undertaker spam
Spamvertised website
Received: from saepezrezo.urlweb.xyz ([195.154.32.132]) From: Jobs from Home <[]> Date: 10-24-2021 (EDT) Subject: $1,000+ 𝙥𝙚𝙧 𝙬𝙚𝙚𝙠 𝙛𝙧𝙤𝙢 𝙝𝙤𝙢𝙚 https://t.co/IZc9t0slWD http://trk.vmptoday.com/aff_c?offer_id=1967&aff_id=559 18.202.12.61 https://pionsures-poludes.com/[]?utm_tracking_id=922&utm_partner_name=vertigo&affiliate_id=559&utm_source=vertigo&utm_medium=publisher&externalid=[] 18.192.108.151 https://my10hourworkweek.com/us/?utm_tracking_id=922&utm_partner_name=vertigo&utm_source=vertigo&utm_medium=publisher&affiliate_id=559&first_id=&externalid=[]&clickid=[] 167.71.1.108
Spamvertised website
2021-10-25 crystals.com.de. 60 IN A 46.101.3.14 Received: from gotogml.com (gotogml.com. [185.122.223.223]) From: 🔔Gemeentelijk Energie <[]@gotogml.com> Date: Fri, 08 Oct 2021 09:1x:xx +0000 Subject: Nieuw in uw gemeente: bespaar via het Gemeentelijke Energie Collectief http://crystals.com.de/rd/[] 185.146.157.69 https://laudypauty.com/[] 209.159.146.166 https://sendt.go2cloud.org/aff_c?offer_id=2893&aff_id=1482&aff_sub=472864&aff_sub2=[]&aff_sub3=31 18.202.12.61
spam emitter @164.90.239.211
Received: from fnzrwu.nayrb.com (164.90.239.211) From: Netflix<noreply@netflix.ru!>; <noreply@email.ellos.no> Subject: Du er en av våre potensielle vinnere! Date: Sun, 24 Oct 2021 21:2x:xx +0000
Carding fraud site/forums: fe-acc18.ru (DNS)
ns1.fe-acc18.ru. 300 IN A 159.223.69.200 ns2.fe-acc18.ru. 300 IN A 159.223.74.144 ns3.fe-acc18.ru. 296 IN A 45.9.20.193 __________________________ Was: ns1.fe-acc18.ru. 273 IN A 67.205.169.224 ns2.fe-acc18.ru. 273 IN A 206.189.103.131 ns3.fe-acc18.ru. 273 IN A 45.9.20.193 ___________________________ Was: ns1.fe-acc18.ru. 299 IN A 159.65.60.44 ns2.fe-acc18.ru. 299 IN A 206.189.37.24 ;; QUESTION SECTION: ;ns1.fe-acc18.ru. IN A ;; ANSWER SECTION: ns1.fe-acc18.ru. 300… Read more Carding fraud site/forums: fe-acc18.ru (DNS)