Received: from mail.static.54.119.201.195.clients.your-server.de ([188.120.248.180]) Date: Wed, 13 Oct 2021 23:2x:xx +0000 Subject: BETAALCODE — [] 📩PAYOUT_VERIFICATION 💰€150.000💰WACHT OP U…__#TLti From: 💵Slot Hunter💵 <contact@dailyprosperousnow.com>
Category: ispserver.com
RedLineStealer botnet controller @62.109.11.230
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 62.109.11.230 on port 20767 TCP: $ telnet 62.109.11.230 20767 Trying 62.109.11.230… Connected to 62.109.11.230. Escape character…
DCRat botnet controller @62.109.17.123
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. DCRat botnet controller located at 62.109.17.123 on port 80 (using HTTP GET): hXXp://62.109.17.123/VideoPhpPacketlongpollCdn.php $ nslookup 62.109.17.123 d3zzm0ral.fvds.ru Referencing malware binaries (MD5 hash): 4b47a63fa9c615d107786c8fffe6b4dd — AV detection: 37…
Tofsee botnet controller @185.63.189.27
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.63.189.27 on port 416 TCP: $ telnet 185.63.189.27 416 Trying 185.63.189.27… Connected to 185.63.189.27. Escape character…
RedLineStealer botnet controller @37.230.112.47
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 37.230.112.47 on port 36265 TCP: $ telnet 37.230.112.47 36265 Trying 37.230.112.47… Connected to 37.230.112.47. Escape character…
Spammer DNS hosting (cybercrime forums)
188.120.242.136 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 188.120.242.136 stops answering DNS queries for spamvertized domain names. 1 Nameservers seen on 188.120.242.136: NS1.DOMEN-DOMIK.RU — 1shnurok.ru — 1sns.ru — 2rich4bitches.ru — 2rich4bitches.su — 2tracks24.net…
Spammer DNS hosting (cybercrime forums)
62.109.27.111 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 62.109.27.111 stops answering DNS queries for spamvertized domain names. NS2.DOMEN-DOMIK.RU — 1shnurok.ru — 1sns.ru — 2rich4bitches.ru — 2rich4bitches.su — 2tracks24.net — 3oprint.ru — abro.su —…
Credit card fraud gang hosting (DNS): zuganov-lox.ru (hacked-paypal-accounts-dump.ru / fe-shop.su / vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
FastFlux hosting provider — who use hacked servers to host malware, phish, etc. (DNS server)
https://bulletproof-hosting.com >>> https://bulletproof.su/? >>> https://t.me/ffservice?
Credit card fraud gang hosting (DNS): zuganov-lox.ru (hacked-paypal-accounts-dump.ru / fe-shop.su / vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)