Рубрика: microsoft.com

20.121.3.126|apply-get-payment.com|2021-11-23 13:46:42 20.121.3.126|apply.portalinternalrs.com|2021-11-22 15:17:21 20.121.3.126|direct.complete-page.com|2021-11-22 12:29:15 20.121.3.126|irs-gov.apply-get-payment.com|2021-11-23 14:21:54 20.121.3.126|lrs-gov.impact-payment.contoboso.com|2021-11-23 01:54:16 20.121.3.126|lrs-third.community-xcn.com|2021-11-23 14:34:53 20.121.3.126|portalinternalrs.com|2021-11-22 16:06:36 20.121.3.126|webapps-lrs.gov.communitiy-impact.com|2021-11-23 14:03:08

40.87.28.242 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 40.87.28.242 stops answering DNS queries for spamvertized domain names. 1 Nameservers seen on 40.87.28.242: NS1.DOMAINZONE51.COM — 02billingverification.com — 1998-reward.fun — 1998-reward.site — 1998-reward.space — 1998reward.site… Читать далее Malicious DNS server. domainzone51.com

Received: from g[].onmicrosoft.com (192.46.214.37) Date: Tue, 23 Nov 2021 14:2x:xx +0100 From: «Satellite Deals TV Savings» <[]@[].nauticaposto.com> Subject: Get $840 off your TV Bill — Don’t miss your VIP offer! http://[].noomhuaart.xyz/cl/16317_md/[] 69.10.58.175 https://canteenflatz.com/?E=[]&s1=374&s2=16317_2&s3=[] 95.214.248.4 https://cpctrkrrr.com/?E=[]&s1=374&s2=16317_2&s3=[]&ckmguid=[] 35.238.83.2 http://www.sprkcvr.com/[]/?sub1=704205&sub2=[]&sub3=374 35.186.247.135 https://www.simplycellphonesforyou.com/[] 13.82.93.245

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.113.26.85 on port 8808 TCP: $ telnet 20.113.26.85 8808 Trying 20.113.26.85… Connected to 20.113.26.85. Escape character… Читать далее AsyncRAT botnet controller @20.113.26.85

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.114.22.8 on port 7740 TCP: $ telnet 20.114.22.8 7740 Trying 20.114.22.8… Connected to 20.114.22.8. Escape character… Читать далее AveMariaRAT botnet controller @20.114.22.8

20.82.143.246 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 20.82.143.246 stops answering DNS queries for spamvertized domain names. 2 Nameservers seen on 20.82.143.246: NS1.PE-PODEMOSTODOS.COM — 0dayrox2.org — 365online-webhelp.com — 99cryptocurrecies.com — active-brokerage.com — ada-airdrop-binance.com… Читать далее Malicious DNS server. pe-podemostodos.com

20.82.136.119 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 20.82.136.119 stops answering DNS queries for spamvertized domain names. 2 Nameservers seen on 20.82.136.119: NS1.CIRO-DENTALPERU.COM — 02-bundle-billing.com — 1cdn-amazon.com — 365-boimobile.com — 365-mobileverification.com — 365cancel-online.com… Читать далее Malicious DNS server. ciro-dentalperu.com

20.56.43.246 is currently in use as a nameserver for spamvertized domains. This enables the resolving of spammed domains to the actual websites. This SBL record can only be removed if 20.56.43.246 stops answering DNS queries for spamvertized domain names. 3 Nameservers seen on 20.56.43.246: — 02-accountupdates.com — 365-onlineupdate.com — 365-onlineupdates.com — 365-onlineverify.com — 365boi-review.com —… Читать далее Malicious DNS server. peruadelante.com

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.199.120.149 on port 1604 TCP: $ telnet 20.199.120.149 1604 Trying 20.199.120.149… Connected to 20.199.120.149. Escape character… Читать далее AsyncRAT botnet controller @20.199.120.149

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.115.149.198 on port 2222 TCP: $ telnet 20.115.149.198 2222 Trying 20.115.149.198… Connected to 20.115.149.198. Escape character… Читать далее BitRAT botnet controller @20.115.149.198