spam emitter @137.184.200.152

Received: from mail.lisatte.com ([137.184.200.152])
From: «Witt, Client Manager» <contact@lisatte.com>
Subject: 💰 Uw investeringsplan is klaar, []
Date: Tue, 22 Mar 2022 13:0x:xx +0000

spam emitter @137.184.55.158

Received: from mail.airkellyp.com ([137.184.55.158])
From: «Jennings, Investeringsmanager» <contact@airkellyp.com>
Subject: ⏰ Uw 7-cijferige abonnement verloopt om middernacht…
Date: Tue, 22 Mar 2022 10:5x:xx +0000

spam emitter @64.227.173.233

Received: from mail.towenlife.me ([64.227.173.233])
From: «BitcoinTrader» <contact@towenlife.me>
Subject: [], u heeft een openstaand bedrag op uw rekening
Date: Tue, 22 Mar 2022 04:5x:xx -0700

spam emitter @164.92.190.8

Received: from mail.qualizise.com ([164.92.190.8])
From: «Felix, Investeringsmanager» <contact@qualizise.com>
Subject: Gefeliciteerd, uw investeringsplan is klaar [] 🤑
Date: Tue, 22 Mar 2022 09:2x:xx +0000

https://investplann.page.link/GMQ7 142.250.186.174
https://tomorrowisthedayaftertoday.biz/[] 18.195.174.160
https://chargetraqing.com/investment_plan/nl/?dom=[] 185.36.81.177

phishing server

s3curenfcu.duckdns.org has address 188.166.0.212
2factor-forciti.com has address 188.166.0.212

Spam Emitter (OMICS)

This IP address is sending spam for OMICS, a publisher of «open-access» journals that solicits contributions and (by implication) feeds and/or subscriptions through spam sent to scraped, purchased or appended lists. OMICS has over 200 current and previous SBL listings.

Received: from e1.scijournalfocus.biz (e1.scijournalfocus.biz [206.81.6.166])
Date: Mon, 21 Mar 2022 18:##:## +0530
From: AIDS &…

RaccoonStealer botnet controller @178.62.198.37

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RaccoonStealer botnet controller located at 178.62.198.37 on port 80 (using HTTP POST):
hXXp://178.62.198.37/

Referencing malware binaries (MD5 hash):
01c811b8c6e03cefe0d00a3bbf4bec95 — AV detection: 25 / 69 (36.23)
0312b0d1320dd31619225bfeae780ccb…

phishing server

triusst.top has address 142.93.71.147
Truist | Personal Banking, Commercial Banking, Mortgages, Investments

phishing server

159.65.175.160|mobilecit1.com|2022-03-18 01:31:01
159.65.175.160|mobilednssecured-citi.com|2022-03-18 00:22:18
159.65.175.160|paypalfraud.org|2022-03-17 02:22:03
159.65.175.160|pp19xp.com|2022-03-15 20:13:03
159.65.175.160|secureddns-bofaportal.com|2022-03-17 08:12:18

Malware botnet controller @178.62.204.81

Malware botnet controller hosted here:

$ dig +short folded.in
178.62.204.81
151.236.220.210
194.195.117.167
67.207.84.82

$ telnet 178.62.204.81 1025
Trying 178.62.204.81...
Connected to 178.62.204.81.
Escape character is '^]'.