Received: by mail-wr1-f54.google.com with SMTP id X.3 for <X>; Wed, 22 Dec 2021 09:22:47 -0800 (PST) xxx X-Received: by 2002:adf:f907:: with SMTP id b7mr2697407wrr.5.1640193766914; Wed, 22 Dec 2021 X Received: from 1036669786545 named unknown by gmailapi.google.com with HTTPREST; Wed, 22 Dec 2021 X From: Edward Bishop <edwarbishopmh@gmail.com> In-Reply-To: <X-X=X@mail.gmail.com> References: <X-X=X@mail.gmail.com> Mime-Version: 1.0 Date: Wed,… Читать далее Spam source @209.85.221.54
Рубрика: google.com
DCRat botnet controller @35.195.10.252
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 35.195.10.252 on port 443 TCP: $ telnet 35.195.10.252 443 Trying 35.195.10.252… Connected to 35.195.10.252. Escape character… Читать далее DCRat botnet controller @35.195.10.252
phishing server
34.106.102.169|boa-safe.com|2021-12-20 02:01:21 34.106.102.169|boa-secured.com|2021-12-20 02:21:21 34.106.102.169|boa-secures.com|2021-12-21 06:46:20 34.106.102.169|charles-schwabs.com|2021-12-20 01:29:01 34.106.102.169|secured-america.com|2021-12-21 02:15:20 34.106.102.169|secures-boa.com|2021-12-21 13:52:19
phishing server
hXXps://secured-schwab.com/ secured-schwab.com has address 34.106.43.189
phishing server
34.125.169.135|l0g7n-gate6f.us|2021-12-12 22:25:51 34.125.169.135|ver1fy-dashboard.us|2021-12-16 17:36:09 34.125.169.135|vs76g.us|2021-12-12 22:20:50
AsyncRAT botnet controller @34.140.211.85
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 34.140.211.85 on port 7707 TCP: $ telnet 34.140.211.85 7707 Trying 34.140.211.85… Connected to 34.140.211.85. Escape character… Читать далее AsyncRAT botnet controller @34.140.211.85
phishing server
35.185.34.161|online03restor-login6citi.com|2021-12-15 18:21:04 35.185.34.161|reciti-slink.com|2021-12-15 18:21:22 35.185.34.161|schwab-weblink.com|2021-12-15 18:01:19
Guildma botnet controller @34.121.16.40
The host at this IP address is hosted a Guildma botnet tier-2 controller, targeting Brazilian internet users: http://34.121.16.40
Guildma botnet controller @104.197.33.205
The host at this IP address is hosted a Guildma botnet tier-2 controller, targeting Brazilian internet users: http://104.197.33.205
phishing server
35.237.86.164|01chase-updated2.us|2021-12-02 00:30:58 35.237.86.164|chsec02.us|2021-12-02 00:31:07 35.237.86.164|ci10a.us|2021-12-10 05:20:50 35.237.86.164|cmdt03.us|2021-11-30 04:45:55 35.237.86.164|cui89.us|2021-12-08 00:41:16 35.237.86.164|farg0-0wellsrestor.us|2021-12-03 19:25:58 35.237.86.164|klgf02.us|2021-12-03 19:16:04 35.237.86.164|klnm02.us|2021-12-03 12:51:47 35.237.86.164|l0g1ngate08-ver1fy.us|2021-12-08 17:36:05 35.237.86.164|l0g1ngate15-ver1fy.us|2021-12-10 02:10:51 35.237.86.164|l0g1ngate16-ver1fy.us|2021-12-10 07:46:41 35.237.86.164|sec53-restor01.us|2021-12-03 02:06:26 35.237.86.164|smileyeshop.com|2021-04-16 12:52:03 35.237.86.164|updat01-yourciti.us|2021-11-29 23:11:13 35.237.86.164|ver1fy-pr0f1lgate09.us|2021-12-11 02:20:37