Рубрика: ispserver.com

185.43.5.65 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 185.43.5.65 stops answering DNS queries for spamvertized domain names. NS1.KAK-PRIGOTOVIT-SPAGETTI.RU — 18sgorg.su — 2card.su — 2forcecc.ru — 3xshop.su — 850scoreorg.ru — abcstoresu.ru — akepy.ru —… Читать далее Spammer DNS hosting (cybercrime forums)

188.120.242.131 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 188.120.242.131 stops answering DNS queries for spamvertized domain names. 1 Nameservers seen on 188.120.242.131: NS2.DOMEN-DOMIK.RU — 1shnurok.ru — 1sns.ru — 2rich4bitches.ru — 2rich4bitches.su — 2tracks24.net… Читать далее Spammer DNS hosting (cybercrime forums)

77.246.158.36 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 77.246.158.36 stops answering DNS queries for spamvertized domain names. NS1.DOMEN-DOMIK.RU — 1shnurok.ru — 1sns.ru — 2rich4bitches.ru — 2rich4bitches.su — 2tracks24.net — 3oprint.ru — abro.su —… Читать далее Spammer DNS hosting (cybercrime forums)

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. DCRat botnet controller located at 185.146.157.136 on port 80 (using HTTP GET): hXXp://185.146.157.136/providerLinepythonflowercentral.php $ nslookup 185.146.157.136 d6war2mlcomazix3.fvds.ru Referencing malware binaries (MD5 hash): 7ec2862219365f2f7401a770e0bfc03a — AV detection: 4… Читать далее DCRat botnet controller @185.146.157.136

Received: from gotogml.com (gotogml.com. [185.122.223.223]) From: 🔔Gemeentelijk Energie <[]@gotogml.com> Date: Fri, 08 Oct 2021 09:1x:xx +0000 Subject: Nieuw in uw gemeente: bespaar via het Gemeentelijke Energie Collectief http://crystals.com.de/rd/[] 185.146.157.69 https://laudypauty.com/[] 209.159.146.166 https://sendt.go2cloud.org/aff_c?offer_id=2893&aff_id=1482&aff_sub=472864&aff_sub2=[]&aff_sub3=31 18.202.12.61

According to our telem’etry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 78.24.217.184 on port… Читать далее Malware / Botnet / Phishing hosting server @78.24.217.184

ns1.zuganov-lox.ru. 14400 IN A 185.244.149.231 ns2.zuganov-lox.ru. 14400 IN A 37.46.134.199 ____________________ Was: ns1.zuganov-lox.ru. 14400 IN A 164.132.216.32 ns2.zuganov-lox.ru. 14400 IN A 164.132.216.35 ____________________ Was: ns1.zuganov-lox.ru. 14400 IN A 83.220.174.184 ns2.zuganov-lox.ru. 14400 IN A 85.143.220.177 ____________________ Was: ns1.zuganov-lox.ru. 14400 IN A 109.248.133.96 ns2.zuganov-lox.ru. 14400 IN A 185.117.155.168 ____________________ Was: ns1.zuganov-lox.ru. 14400 IN A 94.142.143.206 ns2.zuganov-lox.ru. 14400… Читать далее Credit card fraud gang hosting (DNS): zuganov-lox.ru (hacked-paypal-accounts-dump.ru / fe-shop.su / vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. DCRat botnet controller located at 62.109.30.251 on port 80 (using HTTP GET): hXXp://62.109.30.251/ImageResoulstion.php $ nslookup 62.109.30.251 veronika.martinovas.fvds.ru Referencing malware binaries (MD5 hash): 6762a6d9cc67654ca16ae07b54bd6467 — AV detection: 45… Читать далее DCRat botnet controller @62.109.30.251

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. DCRat botnet controller located at 37.46.128.148 on port 80 (using HTTP GET): hXXp://37.46.128.148/videoprocessordefaultGeneratorDownloads.php $ nslookup 37.46.128.148 paynestudiosde.fvds.ru Referencing malware binaries (MD5 hash): 57e6dcef9c3719c47b0ee0e6e09c8097 — AV detection: 37… Читать далее DCRat botnet controller @37.46.128.148

According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 92.63.97.229 on port… Читать далее Malware / Botnet / Phishing hosting server @92.63.97.229