Рубрика: google.com

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 35.247.221.21 on port 443. $ telnet 35.247.221.21 443 Trying 35.247.221.21… Connected to 35.247.221.21. Escape character is ‘^]’ $ dig +short -x 35.247.221.21 66.254.138.34.bc.googleusercontent.com.… Читать далее Malware botnet controller @35.247.221.21

35.229.249.161|mycommbank-1og.in|2022-01-15 06:51:05 35.229.249.161|mycommbankingsecure-log.in|2022-01-14 13:37:26 35.229.249.161|mycommbankingsecured-log.in|2022-01-15 05:11:01 35.229.249.161|mycommbanksec.com.au|2022-01-13 01:31:28 35.229.249.161|mycommsecure.com.au|2022-01-14 05:37:22 35.229.249.161|mycommsecured-log.in|2022-01-16 00:06:20 35.229.249.161|mynetbanksecure-log.in|2022-01-15 11:56:09 35.229.249.161|mysecured-log.in|2022-01-16 02:25:56

This IP address hosts the A and MX records for the domain clinofsur.us. This domain belongs to OMICS, a publisher of «open-access» journals for scientific, engineering, and medical researchers and educators, is spamming from this IP address to advertise its journals. It appears in spam sent by OMICS as a dropbox, to receive responses. Received:… Читать далее Spam Emitter (OMICS)

34.106.12.207|wells-securec03.com|2022-01-07 22:06:15 34.106.12.207|wells-securec1.com|2022-01-07 20:06:32 34.106.12.207|wells-securec2.com|2022-01-07 21:56:11 34.106.12.207|wells-securec4.com|2022-01-07 22:16:21

34.159.64.91|cancelnewdevice-security.com|2022-01-04 14:25:50 34.159.64.91|help-checkonline.com|2022-01-04 15:32:31 34.159.64.91|helpsecuredevice.com|2022-01-04 15:47:30 34.159.64.91|ns64.root-serv.com|2022-01-04 14:24:56 34.159.64.91|ns65.root-serv.com|2022-01-04 14:24:56 34.159.64.91|portal-onlineview.com|2022-01-04 15:52:11 34.159.64.91|remove-device-attempt.com|2022-01-04 15:16:53 34.159.64.91|royalmail-resend-uk.com|2022-01-04 15:32:28 34.159.64.91|verification-cancelnewdevice.com|2022-01-04 14:25:49 34.159.64.91|verify-newonline.com|2022-01-04 15:32:18

Mirai botnet controller hosted here: $ telnet 35.197.127.250 6379 Trying 35.197.127.250… Connected to 35.197.127.250. Escape character is ‘^]’.

Return-Path: <2019marwahrahad10+[]@googlegroups.com> Received: from mail-oo1-f60.google.com (mail-oo1-f60.google.com [209.85.161.60]) by [] (8.14.7/8.14.7) with ESMTP id [] (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=OK) for []; Sun, 26 Dec 2021 07:[]:[] -0500 Authentication-Results: [] Received: by mail-oo1-f60.google.com with SMTP id [] for []; Sun, 26 Dec 2021 04:[]:[] -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=[]; cv=pass; d=google.com; s=arc-[]; b=[] ARC-Message-Signature: i=2; a=rsa-sha256;… Читать далее 2019marwahrahad10@googlegroups.com bulletproof spam service via Google Groups

citi-secured02d.com 2021-12-26 00:07:39 citi-secured03d.com 2021-12-26 00:07:39 citi-secured05d.com 2021-12-26 00:07:39 citi-secured06d.com 2021-12-25 23:51:32 citi-secured01d.com 2021-12-25 23:51:32 citi-secured04d.com 2021-12-25 23:36:32 citi-secured02d.com has address 35.231.104.239 citi-secured03d.com has address 35.231.104.239 citi-secured05d.com has address 35.231.104.239 citi-secured06d.com has address 35.231.104.239 citi-secured01d.com has address 35.231.104.239 citi-secured04d.com has address 35.231.104.239

34.106.120.76|secure01z-chase.com|2021-12-24 20:36:00 34.106.120.76|secure02z-chase.com|2021-12-24 19:51:11 34.106.120.76|secure03z-chase.com|2021-12-24 20:36:23 34.106.120.76|secure04z-chase.com|2021-12-24 21:31:07 34.106.120.76|secure05z-chase.com|2021-12-24 20:26:02 34.106.120.76|secure06z-chase.com|2021-12-24 19:50:58 34.106.120.76|wells-secure01w.com|2021-12-24 21:56:06 34.106.120.76|wells-secure03w.com|2021-12-24 21:56:00 34.106.120.76|wells-secure04w.com|2021-12-24 22:06:39

34.125.145.239|be-secure01.net|2021-12-17 15:28:36 34.125.145.239|secure01-logon.com|2021-12-20 16:51:56 34.125.145.239|secureb03-logln.com|2021-12-22 18:56:53 34.125.145.239|secureb04-logln.com|2021-12-22 20:42:07 34.125.145.239|secureinfociti.support|2021-12-17 20:56:01 34.125.145.239|signin1-restb01.com|2021-12-17 01:37:42 34.125.145.239|verify-b2logln.com|2021-12-22 20:41:46 34.125.145.239|verify01-login.com|2021-12-20 19:21:44 34.125.145.239|verify02-login.com|2021-12-20 20:31:12 34.125.145.239|verify0l-onl1ne.com|2021-12-23 18:08:42