Malware / Botnet / Phishing hosting server @34.90.81.5

According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 34.90.81.5 port 443…

Filed under google.com

Malware botnet controller @34.88.129.31

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.88.129.31 on port 443:

$ telnet 34.88.129.31 443
Trying 34.88.129.31…
Connected to 34.88.129.31.
Escape character is…


Malware botnet controller @34.69.176.228

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 34.69.176.228 on port 443.

$ telnet 34.69.176.228 443
Trying 34.69.176.228…
Connected to 34.69.176.228.
Escape character is ‘^]’

$ dig +short -x 34.69.176.228
66.254.138.34.bc.googleusercontent.com.…


Loki botnet controller @35.228.143.125

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 35.228.143.125 on port 80 (using HTTP POST):

hXXp://secure01-redirect.net/gc5/fre.php

secure01-redirect.net. 600 IN A 35.228.143.125

Referencing malware binaries (MD5 hash):
551b922ffeac1a93a892a5b15f4465ee — AV detection:…


Spam Emitters (Ijona Services)

Google hosts the A record and website of the domain mindregal.com. This domain is spamming through Elasticmail.

Received: from m243.mxout.mta4.net (m243.mxout.mta4.net [67.227.85.243])
Date: Wed, 02 Feb 2022 14:##:## +0000
From: Jose Mora <info@mindregal.com>
Subject: 2022 Advanced Course On Lean Documents <x>

<snip>
https://mindregal.com
An Advanced Course On Lean Documents, Lean Configuration And Document Control
<snip>…


phishing server



Malware botnet controller @35.238.161.88

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 35.238.161.88 on port 443:

$ telnet 35.238.161.88 443
Trying 35.238.161.88…
Connected to 35.238.161.88.
Escape character is…


Malware / Botnet / Phishing hosting server @34.88.171.120

According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 34.88.171.120 port 443…


Malware botnet controllers @34.65.143.203

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.65.143.203 on port 443:

$ telnet 34.65.143.203 443
Trying 34.65.143.203…
Connected to 34.65.143.203.
Escape character is…


Chinese phisher landing sites.

More of the same here: 34.146.212.241 mail-amozvn.onthewifi.com. Very likely this is the same operator. It is unusual not to find Rakuten here too. They often mix the two.
